csaf_suse - suse-su-2017:0333-1

Vulnerability from csaf_suse

Published

2017-01-30 16:03

Modified

2017-01-30 16:03

Summary

Security update for the Linux Kernel

Notes

Title of the patch

Security update for the Linux Kernel

Description of the patch

The SUSE Linux Enterprise 11 SP2 LTSS kernel was updated to receive various security and bugfixes. This is the last planned LTSS kernel update for the SUSE Linux Enterprise Server 11 SP2 LTSS. The following security bugs were fixed: - CVE-2016-10088: The sg implementation in the Linux kernel did not properly restrict write operations in situations where the KERNEL_DS option is set, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576 (bnc#1017710). - CVE-2004-0230: TCP, when using a large Window Size, made it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP (bnc#969340). - CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the Linux kernel did not validate the relationship between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability (bnc#1008831). - CVE-2016-8399: An out of bounds read in the ping protocol handler could have lead to information disclosure (bsc#1014746). - CVE-2016-9793: The sock_setsockopt function in net/core/sock.c in the Linux kernel mishandled negative values of sk_sndbuf and sk_rcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option (bnc#1013531). - CVE-2012-6704: The sock_setsockopt function in net/core/sock.c in the Linux kernel mishandled negative values of sk_sndbuf and sk_rcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUF or (2) SO_RCVBUF option (bnc#1013542). - CVE-2016-9756: arch/x86/kvm/emulate.c in the Linux kernel did not properly initialize Code Segment (CS) in certain error cases, which allowed local users to obtain sensitive information from kernel stack memory via a crafted application (bnc#1013038). - CVE-2016-3841: The IPv6 stack in the Linux kernel mishandled options data, which allowed local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call (bnc#992566). - CVE-2016-9685: Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel allowed local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations (bnc#1012832). - CVE-2015-1350: The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecified removing extended privilege attributes, which allowed local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program (bnc#914939). - CVE-2015-8962: Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call (bnc#1010501). - CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacked chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bnc#1011685). - CVE-2016-7910: Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel allowed local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed (bnc#1010716). - CVE-2016-7911: Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call (bnc#1010711). - CVE-2015-8964: The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by reading a tty data structure (bnc#1010507). - CVE-2016-7916: Race condition in the environ_read function in fs/proc/base.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by reading a /proc/*/environ file during a process-setup time interval in which environment-variable copying is incomplete (bnc#1010467). - CVE-2016-8646: The hash_accept function in crypto/algif_hash.c in the Linux kernel allowed local users to cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data (bnc#1010150). - CVE-2016-8633: drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allowed remote attackers to execute arbitrary code via crafted fragmented packets (bnc#1008833). - CVE-2016-7042: The proc_keys_show function in security/keys/proc.c in the Linux kernel used an incorrect buffer size for certain timeout data, which allowed local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file (bnc#1004517). - CVE-2016-7097: The filesystem implementation in the Linux kernel preserves the setgid bit during a setxattr call, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions (bnc#995968). - CVE-2017-5551: The filesystem implementation in the Linux kernel preserves the setgid bit during a setxattr call, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. This CVE tracks the fix for the tmpfs filesystem. (bsc#1021258). - CVE-2015-8956: The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel allowed local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket (bnc#1003925). - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bnc#1003077). - CVE-2016-0823: The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel allowed local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721 (bnc#994759). - CVE-2016-7425: The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel did not restrict a certain length field, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code (bnc#999932). - CVE-2016-6828: The tcp_check_send_head function in include/net/tcp.h in the Linux kernel did not properly maintain certain SACK state after a failed data copy, which allowed local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option (bnc#994296). - CVE-2016-6480: Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a 'double fetch' vulnerability (bnc#991608). - CVE-2016-4998: The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary (bsc#986365). - CVE-2015-7513: arch/x86/kvm/x86.c in the Linux kernel did not reset the PIT counter values during state restoration, which allowed guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_vm_ioctl_set_pit and kvm_vm_ioctl_set_pit2 functions (bnc#960689). - CVE-2013-4312: The Linux kernel allowed local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unix.c and net/unix/garbage.c (bnc#839104). - CVE-2016-4997: The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement (bnc#986362). - CVE-2016-5829: Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call (bnc#986572). - CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bnc#984755). - CVE-2016-5244: The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel did not initialize a certain structure member, which allowed remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message (bnc#983213). - CVE-2016-1583: The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling (bnc#983143). - CVE-2016-4913: The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel mishandled NM (aka alternate name) entries containing \0 characters, which allowed local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem (bnc#980725). - CVE-2016-4580: The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel did not properly initialize a certain data structure, which allowed attackers to obtain sensitive information from kernel stack memory via an X.25 Call Request (bnc#981267). - CVE-2016-4805: Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel allowed local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net_channel and ppp_unregister_channel functions (bnc#980371). - CVE-2015-7833: The usbvision driver in the Linux kernel allowed physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in a USB device descriptor (bnc#950998). - CVE-2016-2187: The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#971944). - CVE-2016-4482: The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call (bnc#978401). - CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relies on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bnc#979548). - CVE-2016-4485: The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel did not initialize a certain data structure, which allowed attackers to obtain sensitive information from kernel stack memory by reading a message (bnc#978821). - CVE-2016-4578: sound/core/timer.c in the Linux kernel did not initialize certain r1 data structures, which allowed local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions (bnc#979879). - CVE-2016-4569: The snd_timer_user_params function in sound/core/timer.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface (bnc#979213). The following non-security bugs were fixed: - arch/powerpc: Remove duplicate/redundant Altivec entries (bsc#967716). - cdc-acm: added sanity checking for probe() (bsc#993891). - cgroups: do not attach task to subsystem if migration failed (bnc#979274). - cgroups: more safe tasklist locking in cgroup_attach_proc (bnc#979274). - dasd: fix hanging system after LCU changes (bnc#968500, LTC#136671). - dasd: Fix unresumed device after suspend/resume (bnc#927287, LTC#123892). - ipv4/fib: do not warn when primary address is missing if in_dev is dead (bsc#971360). - kabi, unix: properly account for FDs passed over unix sockets (bnc#839104). - kaweth: fix firmware download (bsc#993890). - kaweth: fix oops upon failed memory allocation (bsc#993890). - kvm: x86: SYSENTER emulation is broken (bsc#994618). - mm: thp: fix SMP race condition between THP page fault and MADV_DONTNEED (VM Functionality, bnc#986445). - mremap: enforce rmap src/dst vma ordering in case of vma_merge() succeeding in copy_vma() (VM Functionality, bsc#1008645). - nfs4: reset states to use open_stateid when returning delegation voluntarily (bsc#1007944). - nfs: Do not disconnect open-owner on NFS4ERR_BAD_SEQID (bsc#989261, bsc#1011482). - nfs: do not do blind d_drop() in nfs_prime_dcache() (bnc#908069 bnc#896484 bsc#963053). - nfs_prime_dcache needs fh to be set (bnc#908069 bnc#896484 bsc#963053). - nfs: Refresh open-owner id when server says SEQID is bad (bsc#989261). - nfsv4: Ensure that we do not drop a state owner more than once (bsc#979595). - nfsv4: fix broken patch relating to v4 read delegations (bsc#956514, bsc#989261, bsc#979595, bsc#1011482). - nfsv4: nfs4_proc_renew should be declared static (bnc#863873). - nfsv4: OPEN must handle the NFS4ERR_IO return code correctly (bsc#979595). - nfsv4: Recovery of recalled read delegations is broken (bsc#956514 bsc#1011482). - nfsv4: The NFSv4.0 client must send RENEW calls if it holds a delegation (bnc#863873). - powerpc: Add ability to build little endian kernels (bsc#967716). - powerpc: Avoid load of static chain register when calling nested functions through a pointer on 64bit (bsc#967716). - powerpc: Do not build assembly files with ABIv2 (bsc#967716). - powerpc: Do not use ELFv2 ABI to build the kernel (bsc#967716). - powerpc: dtc is required to build dtb files (bsc#967716). - powerpc: Fix 64 bit builds with binutils 2.24 (bsc#967716). - powerpc: Fix error when cross building TAGS & cscope (bsc#967716). - powerpc: Make the vdso32 also build big-endian (bsc#967716). - powerpc: Remove altivec fix for gcc versions before 4.0 (bsc#967716). - powerpc: Remove buggy 9-year-old test for binutils < 2.12.1 (bsc#967716). - powerpc: Require gcc 4.0 on 64-bit (bsc#967716). - ppp: defer netns reference release for ppp channel (bsc#980371). - qeth: delete napi struct when removing a qeth device (bnc#979915, LTC#143590). - qeth: Fix crash on initial MTU size change (bnc#835175, LTC#96809). - qeth: postpone freeing of qdio memory (bnc#874145, LTC#107873). - rpm/kernel-binary.spec.in: Export a make-stderr.log file (bsc#1012422) - Revert 's390/mm: fix asce_bits handling with dynamic pagetable levels' This reverts commit 6e00b1d803fa2ab4b130e04b7fbcc99f0b5ecba8. - rpm/config.sh: Set the release string to 0.7.<RELEASE> (bsc#997059) - rpm/mkspec: Read a default release string from rpm/config.sh (bsc997059) - s390/dasd: fix failfast for disconnected devices (bnc#958000, LTC#135138). - s390/dasd: fix hanging device after clear subchannel (bnc#994436, LTC#144640). - s390/dasd: fix kernel panic when alias is set offline (bnc#940966, LTC#128595). - s390/dasd: fix list_del corruption after lcu changes (bnc#954984, LTC#133077). - s390/mm: fix asce_bits handling with dynamic pagetable levels (bnc#979915, LTC#141456). Conflicts: series.conf - s390/pageattr: do a single TLB flush for change_page_attr (bsc#1009443,LTC#148182). - Set CONFIG_DEBUG_INFO=y and CONFIG_DEBUG_INFO_REDUCED=n on all platforms The specfile adjusts the config if necessary, but a new version of run_oldconfig.sh requires the settings to be present in the repository. - usb: fix typo in wMaxPacketSize validation (bsc#991665). - usb: validate wMaxPacketValue entries in endpoint descriptors (bnc#991665).

Patchnames

slessp2-kernel-12961

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         namespace: "https://www.suse.com/support/security/rating/",
         text: "important",
      },
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Copyright 2024 SUSE LLC. All rights reserved.",
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "Security update for the Linux Kernel",
            title: "Title of the patch",
         },
         {
            category: "description",
            text: "\nThe SUSE Linux Enterprise 11 SP2 LTSS kernel was updated to receive various security and bugfixes.\n\nThis is the last planned LTSS kernel update for the SUSE Linux Enterprise Server 11 SP2 LTSS.\n\nThe following security bugs were fixed:\n\n- CVE-2016-10088: The sg implementation in the Linux kernel did not properly restrict write operations in situations where the KERNEL_DS option is set, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576 (bnc#1017710).\n- CVE-2004-0230: TCP, when using a large Window Size, made it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP (bnc#969340).\n- CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the Linux kernel did not validate the relationship between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability (bnc#1008831).\n- CVE-2016-8399: An out of bounds read in the ping protocol handler could have lead to information disclosure (bsc#1014746).\n- CVE-2016-9793: The sock_setsockopt function in net/core/sock.c in the Linux kernel mishandled negative values of sk_sndbuf and sk_rcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option (bnc#1013531).\n- CVE-2012-6704: The sock_setsockopt function in net/core/sock.c in the Linux kernel mishandled negative values of sk_sndbuf and sk_rcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUF or (2) SO_RCVBUF option (bnc#1013542).\n- CVE-2016-9756: arch/x86/kvm/emulate.c in the Linux kernel did not properly initialize Code Segment (CS) in certain error cases, which allowed local users to obtain sensitive information from kernel stack memory via a crafted application (bnc#1013038).\n- CVE-2016-3841: The IPv6 stack in the Linux kernel mishandled options data, which allowed local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call (bnc#992566).\n- CVE-2016-9685: Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel allowed local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations (bnc#1012832).\n- CVE-2015-1350: The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecified removing extended privilege attributes, which allowed local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program (bnc#914939).\n- CVE-2015-8962: Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call (bnc#1010501).\n- CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacked chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bnc#1011685).\n- CVE-2016-7910: Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel allowed local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed (bnc#1010716).\n- CVE-2016-7911: Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call (bnc#1010711).\n- CVE-2015-8964: The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by reading a tty data structure (bnc#1010507).\n- CVE-2016-7916: Race condition in the environ_read function in fs/proc/base.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by reading a /proc/*/environ file during a process-setup time interval in which environment-variable copying is incomplete (bnc#1010467).\n- CVE-2016-8646: The hash_accept function in crypto/algif_hash.c in the Linux kernel allowed local users to cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data (bnc#1010150).\n- CVE-2016-8633: drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allowed remote attackers to execute arbitrary code via crafted fragmented packets (bnc#1008833).\n- CVE-2016-7042: The proc_keys_show function in security/keys/proc.c in the Linux kernel used an incorrect buffer size for certain timeout data, which allowed local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file (bnc#1004517).\n- CVE-2016-7097: The filesystem implementation in the Linux kernel preserves the setgid bit during a setxattr call, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions (bnc#995968).\n- CVE-2017-5551: The filesystem implementation in the Linux kernel preserves the setgid bit during a setxattr call, which allowed local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. This CVE tracks the fix for the tmpfs filesystem. (bsc#1021258).\n- CVE-2015-8956: The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel allowed local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket (bnc#1003925).\n- CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bnc#1003077).\n- CVE-2016-0823: The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel allowed local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721 (bnc#994759).\n- CVE-2016-7425: The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel did not restrict a certain length field, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code (bnc#999932).\n- CVE-2016-6828: The tcp_check_send_head function in include/net/tcp.h in the Linux kernel did not properly maintain certain SACK state after a failed data copy, which allowed local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option (bnc#994296).\n- CVE-2016-6480: Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a 'double fetch' vulnerability (bnc#991608).\n- CVE-2016-4998: The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary (bsc#986365).\n- CVE-2015-7513: arch/x86/kvm/x86.c in the Linux kernel did not reset the PIT counter values during state restoration, which allowed guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_vm_ioctl_set_pit and kvm_vm_ioctl_set_pit2 functions (bnc#960689).\n- CVE-2013-4312: The Linux kernel allowed local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unix.c and net/unix/garbage.c (bnc#839104).\n- CVE-2016-4997: The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement (bnc#986362).\n- CVE-2016-5829: Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call (bnc#986572).\n- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bnc#984755).\n- CVE-2016-5244: The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel did not initialize a certain structure member, which allowed remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message (bnc#983213).\n- CVE-2016-1583: The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling (bnc#983143).\n- CVE-2016-4913: The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel mishandled NM (aka alternate name) entries containing \\0 characters, which allowed local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem (bnc#980725).\n- CVE-2016-4580: The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel did not properly initialize a certain data structure, which allowed attackers to obtain sensitive information from kernel stack memory via an X.25 Call Request (bnc#981267).\n- CVE-2016-4805: Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel allowed local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net_channel and ppp_unregister_channel functions (bnc#980371).\n- CVE-2015-7833: The usbvision driver in the Linux kernel allowed physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in a USB device descriptor (bnc#950998).\n- CVE-2016-2187: The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#971944).\n- CVE-2016-4482: The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call (bnc#978401).\n- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relies on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bnc#979548).\n- CVE-2016-4485: The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel did not initialize a certain data structure, which allowed attackers to obtain sensitive information from kernel stack memory by reading a message (bnc#978821).\n- CVE-2016-4578: sound/core/timer.c in the Linux kernel did not initialize certain r1 data structures, which allowed local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions (bnc#979879).\n- CVE-2016-4569: The snd_timer_user_params function in sound/core/timer.c in the Linux kernel did not initialize a certain data structure, which allowed local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface (bnc#979213).\n\n\nThe following non-security bugs were fixed:\n\n- arch/powerpc: Remove duplicate/redundant Altivec entries (bsc#967716).\n- cdc-acm: added sanity checking for probe() (bsc#993891).\n- cgroups: do not attach task to subsystem if migration failed (bnc#979274).\n- cgroups: more safe tasklist locking in cgroup_attach_proc (bnc#979274).\n- dasd: fix hanging system after LCU changes (bnc#968500, LTC#136671).\n- dasd: Fix unresumed device after suspend/resume (bnc#927287, LTC#123892).\n- ipv4/fib: do not warn when primary address is missing if in_dev is dead (bsc#971360).\n- kabi, unix: properly account for FDs passed over unix sockets (bnc#839104).\n- kaweth: fix firmware download (bsc#993890).\n- kaweth: fix oops upon failed memory allocation (bsc#993890).\n- kvm: x86: SYSENTER emulation is broken (bsc#994618).\n- mm: thp: fix SMP race condition between THP page fault and MADV_DONTNEED (VM Functionality, bnc#986445).\n- mremap: enforce rmap src/dst vma ordering in case of vma_merge() succeeding in copy_vma() (VM Functionality, bsc#1008645).\n- nfs4: reset states to use open_stateid when returning delegation voluntarily (bsc#1007944).\n- nfs: Do not disconnect open-owner on NFS4ERR_BAD_SEQID (bsc#989261, bsc#1011482).\n- nfs: do not do blind d_drop() in nfs_prime_dcache() (bnc#908069 bnc#896484 bsc#963053).\n- nfs_prime_dcache needs fh to be set (bnc#908069 bnc#896484 bsc#963053).\n- nfs: Refresh open-owner id when server says SEQID is bad (bsc#989261).\n- nfsv4: Ensure that we do not drop a state owner more than once (bsc#979595).\n- nfsv4: fix broken patch relating to v4 read delegations (bsc#956514, bsc#989261, bsc#979595, bsc#1011482).\n- nfsv4: nfs4_proc_renew should be declared static (bnc#863873).\n- nfsv4: OPEN must handle the NFS4ERR_IO return code correctly (bsc#979595).\n- nfsv4: Recovery of recalled read delegations is broken (bsc#956514 bsc#1011482).\n- nfsv4: The NFSv4.0 client must send RENEW calls if it holds a delegation (bnc#863873).\n- powerpc: Add ability to build little endian kernels (bsc#967716).\n- powerpc: Avoid load of static chain register when calling nested functions through a pointer on 64bit (bsc#967716).\n- powerpc: Do not build assembly files with ABIv2 (bsc#967716).\n- powerpc: Do not use ELFv2 ABI to build the kernel (bsc#967716).\n- powerpc: dtc is required to build dtb files (bsc#967716).\n- powerpc: Fix 64 bit builds with binutils 2.24 (bsc#967716).\n- powerpc: Fix error when cross building TAGS & cscope (bsc#967716).\n- powerpc: Make the vdso32 also build big-endian (bsc#967716).\n- powerpc: Remove altivec fix for gcc versions before 4.0 (bsc#967716).\n- powerpc: Remove buggy 9-year-old test for binutils < 2.12.1 (bsc#967716).\n- powerpc: Require gcc 4.0 on 64-bit (bsc#967716).\n- ppp: defer netns reference release for ppp channel (bsc#980371).\n- qeth: delete napi struct when removing a qeth device (bnc#979915, LTC#143590).\n- qeth: Fix crash on initial MTU size change (bnc#835175, LTC#96809).\n- qeth: postpone freeing of qdio memory (bnc#874145, LTC#107873).\n- rpm/kernel-binary.spec.in: Export a make-stderr.log file (bsc#1012422)\n- Revert 's390/mm: fix asce_bits handling with dynamic pagetable levels' This reverts commit 6e00b1d803fa2ab4b130e04b7fbcc99f0b5ecba8.\n- rpm/config.sh: Set the release string to 0.7.<RELEASE> (bsc#997059)\n- rpm/mkspec: Read a default release string from rpm/config.sh (bsc997059)\n- s390/dasd: fix failfast for disconnected devices (bnc#958000, LTC#135138).\n- s390/dasd: fix hanging device after clear subchannel (bnc#994436, LTC#144640).\n- s390/dasd: fix kernel panic when alias is set offline (bnc#940966, LTC#128595).\n- s390/dasd: fix list_del corruption after lcu changes (bnc#954984, LTC#133077).\n- s390/mm: fix asce_bits handling with dynamic pagetable levels (bnc#979915, LTC#141456). Conflicts: \tseries.conf\n- s390/pageattr: do a single TLB flush for change_page_attr (bsc#1009443,LTC#148182).\n- Set CONFIG_DEBUG_INFO=y and CONFIG_DEBUG_INFO_REDUCED=n on all platforms The specfile adjusts the config if necessary, but a new version of run_oldconfig.sh requires the settings to be present in the repository.\n- usb: fix typo in wMaxPacketSize validation (bsc#991665).\n- usb: validate wMaxPacketValue entries in endpoint descriptors (bnc#991665).\n",
            title: "Description of the patch",
         },
         {
            category: "details",
            text: "slessp2-kernel-12961",
            title: "Patchnames",
         },
         {
            category: "legal_disclaimer",
            text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
            title: "Terms of use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "https://www.suse.com/support/security/contact/",
         name: "SUSE Product Security Team",
         namespace: "https://www.suse.com/",
      },
      references: [
         {
            category: "external",
            summary: "SUSE ratings",
            url: "https://www.suse.com/support/security/rating/",
         },
         {
            category: "self",
            summary: "URL of this CSAF notice",
            url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_0333-1.json",
         },
         {
            category: "self",
            summary: "URL for SUSE-SU-2017:0333-1",
            url: "https://www.suse.com/support/update/announcement/2017/suse-su-20170333-1/",
         },
         {
            category: "self",
            summary: "E-Mail link for SUSE-SU-2017:0333-1",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2017-January/002609.html",
         },
         {
            category: "self",
            summary: "SUSE Bug 1003077",
            url: "https://bugzilla.suse.com/1003077",
         },
         {
            category: "self",
            summary: "SUSE Bug 1003925",
            url: "https://bugzilla.suse.com/1003925",
         },
         {
            category: "self",
            summary: "SUSE Bug 1004517",
            url: "https://bugzilla.suse.com/1004517",
         },
         {
            category: "self",
            summary: "SUSE Bug 1007944",
            url: "https://bugzilla.suse.com/1007944",
         },
         {
            category: "self",
            summary: "SUSE Bug 1008645",
            url: "https://bugzilla.suse.com/1008645",
         },
         {
            category: "self",
            summary: "SUSE Bug 1008831",
            url: "https://bugzilla.suse.com/1008831",
         },
         {
            category: "self",
            summary: "SUSE Bug 1008833",
            url: "https://bugzilla.suse.com/1008833",
         },
         {
            category: "self",
            summary: "SUSE Bug 1009443",
            url: "https://bugzilla.suse.com/1009443",
         },
         {
            category: "self",
            summary: "SUSE Bug 1010150",
            url: "https://bugzilla.suse.com/1010150",
         },
         {
            category: "self",
            summary: "SUSE Bug 1010467",
            url: "https://bugzilla.suse.com/1010467",
         },
         {
            category: "self",
            summary: "SUSE Bug 1010501",
            url: "https://bugzilla.suse.com/1010501",
         },
         {
            category: "self",
            summary: "SUSE Bug 1010507",
            url: "https://bugzilla.suse.com/1010507",
         },
         {
            category: "self",
            summary: "SUSE Bug 1010711",
            url: "https://bugzilla.suse.com/1010711",
         },
         {
            category: "self",
            summary: "SUSE Bug 1010716",
            url: "https://bugzilla.suse.com/1010716",
         },
         {
            category: "self",
            summary: "SUSE Bug 1011482",
            url: "https://bugzilla.suse.com/1011482",
         },
         {
            category: "self",
            summary: "SUSE Bug 1011685",
            url: "https://bugzilla.suse.com/1011685",
         },
         {
            category: "self",
            summary: "SUSE Bug 1012422",
            url: "https://bugzilla.suse.com/1012422",
         },
         {
            category: "self",
            summary: "SUSE Bug 1012832",
            url: "https://bugzilla.suse.com/1012832",
         },
         {
            category: "self",
            summary: "SUSE Bug 1013038",
            url: "https://bugzilla.suse.com/1013038",
         },
         {
            category: "self",
            summary: "SUSE Bug 1013531",
            url: "https://bugzilla.suse.com/1013531",
         },
         {
            category: "self",
            summary: "SUSE Bug 1013542",
            url: "https://bugzilla.suse.com/1013542",
         },
         {
            category: "self",
            summary: "SUSE Bug 1014746",
            url: "https://bugzilla.suse.com/1014746",
         },
         {
            category: "self",
            summary: "SUSE Bug 1017710",
            url: "https://bugzilla.suse.com/1017710",
         },
         {
            category: "self",
            summary: "SUSE Bug 1021258",
            url: "https://bugzilla.suse.com/1021258",
         },
         {
            category: "self",
            summary: "SUSE Bug 835175",
            url: "https://bugzilla.suse.com/835175",
         },
         {
            category: "self",
            summary: "SUSE Bug 839104",
            url: "https://bugzilla.suse.com/839104",
         },
         {
            category: "self",
            summary: "SUSE Bug 863873",
            url: "https://bugzilla.suse.com/863873",
         },
         {
            category: "self",
            summary: "SUSE Bug 874145",
            url: "https://bugzilla.suse.com/874145",
         },
         {
            category: "self",
            summary: "SUSE Bug 896484",
            url: "https://bugzilla.suse.com/896484",
         },
         {
            category: "self",
            summary: "SUSE Bug 908069",
            url: "https://bugzilla.suse.com/908069",
         },
         {
            category: "self",
            summary: "SUSE Bug 914939",
            url: "https://bugzilla.suse.com/914939",
         },
         {
            category: "self",
            summary: "SUSE Bug 922947",
            url: "https://bugzilla.suse.com/922947",
         },
         {
            category: "self",
            summary: "SUSE Bug 927287",
            url: "https://bugzilla.suse.com/927287",
         },
         {
            category: "self",
            summary: "SUSE Bug 940966",
            url: "https://bugzilla.suse.com/940966",
         },
         {
            category: "self",
            summary: "SUSE Bug 950998",
            url: "https://bugzilla.suse.com/950998",
         },
         {
            category: "self",
            summary: "SUSE Bug 954984",
            url: "https://bugzilla.suse.com/954984",
         },
         {
            category: "self",
            summary: "SUSE Bug 956514",
            url: "https://bugzilla.suse.com/956514",
         },
         {
            category: "self",
            summary: "SUSE Bug 958000",
            url: "https://bugzilla.suse.com/958000",
         },
         {
            category: "self",
            summary: "SUSE Bug 960689",
            url: "https://bugzilla.suse.com/960689",
         },
         {
            category: "self",
            summary: "SUSE Bug 963053",
            url: "https://bugzilla.suse.com/963053",
         },
         {
            category: "self",
            summary: "SUSE Bug 967716",
            url: "https://bugzilla.suse.com/967716",
         },
         {
            category: "self",
            summary: "SUSE Bug 968500",
            url: "https://bugzilla.suse.com/968500",
         },
         {
            category: "self",
            summary: "SUSE Bug 969340",
            url: "https://bugzilla.suse.com/969340",
         },
         {
            category: "self",
            summary: "SUSE Bug 971360",
            url: "https://bugzilla.suse.com/971360",
         },
         {
            category: "self",
            summary: "SUSE Bug 971944",
            url: "https://bugzilla.suse.com/971944",
         },
         {
            category: "self",
            summary: "SUSE Bug 978401",
            url: "https://bugzilla.suse.com/978401",
         },
         {
            category: "self",
            summary: "SUSE Bug 978821",
            url: "https://bugzilla.suse.com/978821",
         },
         {
            category: "self",
            summary: "SUSE Bug 979213",
            url: "https://bugzilla.suse.com/979213",
         },
         {
            category: "self",
            summary: "SUSE Bug 979274",
            url: "https://bugzilla.suse.com/979274",
         },
         {
            category: "self",
            summary: "SUSE Bug 979548",
            url: "https://bugzilla.suse.com/979548",
         },
         {
            category: "self",
            summary: "SUSE Bug 979595",
            url: "https://bugzilla.suse.com/979595",
         },
         {
            category: "self",
            summary: "SUSE Bug 979879",
            url: "https://bugzilla.suse.com/979879",
         },
         {
            category: "self",
            summary: "SUSE Bug 979915",
            url: "https://bugzilla.suse.com/979915",
         },
         {
            category: "self",
            summary: "SUSE Bug 980363",
            url: "https://bugzilla.suse.com/980363",
         },
         {
            category: "self",
            summary: "SUSE Bug 980371",
            url: "https://bugzilla.suse.com/980371",
         },
         {
            category: "self",
            summary: "SUSE Bug 980725",
            url: "https://bugzilla.suse.com/980725",
         },
         {
            category: "self",
            summary: "SUSE Bug 981267",
            url: "https://bugzilla.suse.com/981267",
         },
         {
            category: "self",
            summary: "SUSE Bug 983143",
            url: "https://bugzilla.suse.com/983143",
         },
         {
            category: "self",
            summary: "SUSE Bug 983213",
            url: "https://bugzilla.suse.com/983213",
         },
         {
            category: "self",
            summary: "SUSE Bug 984755",
            url: "https://bugzilla.suse.com/984755",
         },
         {
            category: "self",
            summary: "SUSE Bug 986362",
            url: "https://bugzilla.suse.com/986362",
         },
         {
            category: "self",
            summary: "SUSE Bug 986365",
            url: "https://bugzilla.suse.com/986365",
         },
         {
            category: "self",
            summary: "SUSE Bug 986445",
            url: "https://bugzilla.suse.com/986445",
         },
         {
            category: "self",
            summary: "SUSE Bug 986572",
            url: "https://bugzilla.suse.com/986572",
         },
         {
            category: "self",
            summary: "SUSE Bug 989261",
            url: "https://bugzilla.suse.com/989261",
         },
         {
            category: "self",
            summary: "SUSE Bug 991608",
            url: "https://bugzilla.suse.com/991608",
         },
         {
            category: "self",
            summary: "SUSE Bug 991665",
            url: "https://bugzilla.suse.com/991665",
         },
         {
            category: "self",
            summary: "SUSE Bug 992566",
            url: "https://bugzilla.suse.com/992566",
         },
         {
            category: "self",
            summary: "SUSE Bug 993890",
            url: "https://bugzilla.suse.com/993890",
         },
         {
            category: "self",
            summary: "SUSE Bug 993891",
            url: "https://bugzilla.suse.com/993891",
         },
         {
            category: "self",
            summary: "SUSE Bug 994296",
            url: "https://bugzilla.suse.com/994296",
         },
         {
            category: "self",
            summary: "SUSE Bug 994436",
            url: "https://bugzilla.suse.com/994436",
         },
         {
            category: "self",
            summary: "SUSE Bug 994618",
            url: "https://bugzilla.suse.com/994618",
         },
         {
            category: "self",
            summary: "SUSE Bug 994759",
            url: "https://bugzilla.suse.com/994759",
         },
         {
            category: "self",
            summary: "SUSE Bug 995968",
            url: "https://bugzilla.suse.com/995968",
         },
         {
            category: "self",
            summary: "SUSE Bug 997059",
            url: "https://bugzilla.suse.com/997059",
         },
         {
            category: "self",
            summary: "SUSE Bug 999932",
            url: "https://bugzilla.suse.com/999932",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2004-0230 page",
            url: "https://www.suse.com/security/cve/CVE-2004-0230/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2012-6704 page",
            url: "https://www.suse.com/security/cve/CVE-2012-6704/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2013-4312 page",
            url: "https://www.suse.com/security/cve/CVE-2013-4312/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2015-1350 page",
            url: "https://www.suse.com/security/cve/CVE-2015-1350/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2015-7513 page",
            url: "https://www.suse.com/security/cve/CVE-2015-7513/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2015-7833 page",
            url: "https://www.suse.com/security/cve/CVE-2015-7833/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2015-8956 page",
            url: "https://www.suse.com/security/cve/CVE-2015-8956/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2015-8962 page",
            url: "https://www.suse.com/security/cve/CVE-2015-8962/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2015-8964 page",
            url: "https://www.suse.com/security/cve/CVE-2015-8964/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-0823 page",
            url: "https://www.suse.com/security/cve/CVE-2016-0823/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-10088 page",
            url: "https://www.suse.com/security/cve/CVE-2016-10088/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-1583 page",
            url: "https://www.suse.com/security/cve/CVE-2016-1583/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-2187 page",
            url: "https://www.suse.com/security/cve/CVE-2016-2187/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-2189 page",
            url: "https://www.suse.com/security/cve/CVE-2016-2189/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-3841 page",
            url: "https://www.suse.com/security/cve/CVE-2016-3841/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-4470 page",
            url: "https://www.suse.com/security/cve/CVE-2016-4470/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-4482 page",
            url: "https://www.suse.com/security/cve/CVE-2016-4482/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-4485 page",
            url: "https://www.suse.com/security/cve/CVE-2016-4485/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-4565 page",
            url: "https://www.suse.com/security/cve/CVE-2016-4565/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-4569 page",
            url: "https://www.suse.com/security/cve/CVE-2016-4569/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-4578 page",
            url: "https://www.suse.com/security/cve/CVE-2016-4578/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-4580 page",
            url: "https://www.suse.com/security/cve/CVE-2016-4580/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-4805 page",
            url: "https://www.suse.com/security/cve/CVE-2016-4805/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-4913 page",
            url: "https://www.suse.com/security/cve/CVE-2016-4913/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-4997 page",
            url: "https://www.suse.com/security/cve/CVE-2016-4997/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-5244 page",
            url: "https://www.suse.com/security/cve/CVE-2016-5244/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-5829 page",
            url: "https://www.suse.com/security/cve/CVE-2016-5829/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-6480 page",
            url: "https://www.suse.com/security/cve/CVE-2016-6480/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-6828 page",
            url: "https://www.suse.com/security/cve/CVE-2016-6828/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-7042 page",
            url: "https://www.suse.com/security/cve/CVE-2016-7042/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-7097 page",
            url: "https://www.suse.com/security/cve/CVE-2016-7097/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-7117 page",
            url: "https://www.suse.com/security/cve/CVE-2016-7117/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-7425 page",
            url: "https://www.suse.com/security/cve/CVE-2016-7425/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-7910 page",
            url: "https://www.suse.com/security/cve/CVE-2016-7910/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-7911 page",
            url: "https://www.suse.com/security/cve/CVE-2016-7911/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-7916 page",
            url: "https://www.suse.com/security/cve/CVE-2016-7916/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-8399 page",
            url: "https://www.suse.com/security/cve/CVE-2016-8399/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-8632 page",
            url: "https://www.suse.com/security/cve/CVE-2016-8632/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-8633 page",
            url: "https://www.suse.com/security/cve/CVE-2016-8633/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-8646 page",
            url: "https://www.suse.com/security/cve/CVE-2016-8646/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-9555 page",
            url: "https://www.suse.com/security/cve/CVE-2016-9555/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-9685 page",
            url: "https://www.suse.com/security/cve/CVE-2016-9685/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-9756 page",
            url: "https://www.suse.com/security/cve/CVE-2016-9756/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2016-9793 page",
            url: "https://www.suse.com/security/cve/CVE-2016-9793/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-5551 page",
            url: "https://www.suse.com/security/cve/CVE-2017-5551/",
         },
      ],
      title: "Security update for the Linux Kernel",
      tracking: {
         current_release_date: "2017-01-30T16:03:00Z",
         generator: {
            date: "2017-01-30T16:03:00Z",
            engine: {
               name: "cve-database.git:bin/generate-csaf.pl",
               version: "1",
            },
         },
         id: "SUSE-SU-2017:0333-1",
         initial_release_date: "2017-01-30T16:03:00Z",
         revision_history: [
            {
               date: "2017-01-30T16:03:00Z",
               number: "1",
               summary: "Current version",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "kernel-default-3.0.101-0.7.53.1.i586",
                        product: {
                           name: "kernel-default-3.0.101-0.7.53.1.i586",
                           product_id: "kernel-default-3.0.101-0.7.53.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-default-base-3.0.101-0.7.53.1.i586",
                        product: {
                           name: "kernel-default-base-3.0.101-0.7.53.1.i586",
                           product_id: "kernel-default-base-3.0.101-0.7.53.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-default-devel-3.0.101-0.7.53.1.i586",
                        product: {
                           name: "kernel-default-devel-3.0.101-0.7.53.1.i586",
                           product_id: "kernel-default-devel-3.0.101-0.7.53.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-ec2-3.0.101-0.7.53.1.i586",
                        product: {
                           name: "kernel-ec2-3.0.101-0.7.53.1.i586",
                           product_id: "kernel-ec2-3.0.101-0.7.53.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-ec2-base-3.0.101-0.7.53.1.i586",
                        product: {
                           name: "kernel-ec2-base-3.0.101-0.7.53.1.i586",
                           product_id: "kernel-ec2-base-3.0.101-0.7.53.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                        product: {
                           name: "kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                           product_id: "kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-pae-3.0.101-0.7.53.1.i586",
                        product: {
                           name: "kernel-pae-3.0.101-0.7.53.1.i586",
                           product_id: "kernel-pae-3.0.101-0.7.53.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-pae-base-3.0.101-0.7.53.1.i586",
                        product: {
                           name: "kernel-pae-base-3.0.101-0.7.53.1.i586",
                           product_id: "kernel-pae-base-3.0.101-0.7.53.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-pae-devel-3.0.101-0.7.53.1.i586",
                        product: {
                           name: "kernel-pae-devel-3.0.101-0.7.53.1.i586",
                           product_id: "kernel-pae-devel-3.0.101-0.7.53.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-source-3.0.101-0.7.53.1.i586",
                        product: {
                           name: "kernel-source-3.0.101-0.7.53.1.i586",
                           product_id: "kernel-source-3.0.101-0.7.53.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-syms-3.0.101-0.7.53.1.i586",
                        product: {
                           name: "kernel-syms-3.0.101-0.7.53.1.i586",
                           product_id: "kernel-syms-3.0.101-0.7.53.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-trace-3.0.101-0.7.53.1.i586",
                        product: {
                           name: "kernel-trace-3.0.101-0.7.53.1.i586",
                           product_id: "kernel-trace-3.0.101-0.7.53.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-trace-base-3.0.101-0.7.53.1.i586",
                        product: {
                           name: "kernel-trace-base-3.0.101-0.7.53.1.i586",
                           product_id: "kernel-trace-base-3.0.101-0.7.53.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-trace-devel-3.0.101-0.7.53.1.i586",
                        product: {
                           name: "kernel-trace-devel-3.0.101-0.7.53.1.i586",
                           product_id: "kernel-trace-devel-3.0.101-0.7.53.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-xen-3.0.101-0.7.53.1.i586",
                        product: {
                           name: "kernel-xen-3.0.101-0.7.53.1.i586",
                           product_id: "kernel-xen-3.0.101-0.7.53.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-xen-base-3.0.101-0.7.53.1.i586",
                        product: {
                           name: "kernel-xen-base-3.0.101-0.7.53.1.i586",
                           product_id: "kernel-xen-base-3.0.101-0.7.53.1.i586",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-xen-devel-3.0.101-0.7.53.1.i586",
                        product: {
                           name: "kernel-xen-devel-3.0.101-0.7.53.1.i586",
                           product_id: "kernel-xen-devel-3.0.101-0.7.53.1.i586",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "i586",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "kernel-default-3.0.101-0.7.53.1.s390x",
                        product: {
                           name: "kernel-default-3.0.101-0.7.53.1.s390x",
                           product_id: "kernel-default-3.0.101-0.7.53.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-default-base-3.0.101-0.7.53.1.s390x",
                        product: {
                           name: "kernel-default-base-3.0.101-0.7.53.1.s390x",
                           product_id: "kernel-default-base-3.0.101-0.7.53.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-default-devel-3.0.101-0.7.53.1.s390x",
                        product: {
                           name: "kernel-default-devel-3.0.101-0.7.53.1.s390x",
                           product_id: "kernel-default-devel-3.0.101-0.7.53.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-default-man-3.0.101-0.7.53.1.s390x",
                        product: {
                           name: "kernel-default-man-3.0.101-0.7.53.1.s390x",
                           product_id: "kernel-default-man-3.0.101-0.7.53.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-source-3.0.101-0.7.53.1.s390x",
                        product: {
                           name: "kernel-source-3.0.101-0.7.53.1.s390x",
                           product_id: "kernel-source-3.0.101-0.7.53.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-syms-3.0.101-0.7.53.1.s390x",
                        product: {
                           name: "kernel-syms-3.0.101-0.7.53.1.s390x",
                           product_id: "kernel-syms-3.0.101-0.7.53.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-trace-3.0.101-0.7.53.1.s390x",
                        product: {
                           name: "kernel-trace-3.0.101-0.7.53.1.s390x",
                           product_id: "kernel-trace-3.0.101-0.7.53.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-trace-base-3.0.101-0.7.53.1.s390x",
                        product: {
                           name: "kernel-trace-base-3.0.101-0.7.53.1.s390x",
                           product_id: "kernel-trace-base-3.0.101-0.7.53.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                        product: {
                           name: "kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                           product_id: "kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "s390x",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "kernel-default-3.0.101-0.7.53.1.x86_64",
                        product: {
                           name: "kernel-default-3.0.101-0.7.53.1.x86_64",
                           product_id: "kernel-default-3.0.101-0.7.53.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-default-base-3.0.101-0.7.53.1.x86_64",
                        product: {
                           name: "kernel-default-base-3.0.101-0.7.53.1.x86_64",
                           product_id: "kernel-default-base-3.0.101-0.7.53.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                        product: {
                           name: "kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                           product_id: "kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-ec2-3.0.101-0.7.53.1.x86_64",
                        product: {
                           name: "kernel-ec2-3.0.101-0.7.53.1.x86_64",
                           product_id: "kernel-ec2-3.0.101-0.7.53.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                        product: {
                           name: "kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                           product_id: "kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                        product: {
                           name: "kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                           product_id: "kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-source-3.0.101-0.7.53.1.x86_64",
                        product: {
                           name: "kernel-source-3.0.101-0.7.53.1.x86_64",
                           product_id: "kernel-source-3.0.101-0.7.53.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-syms-3.0.101-0.7.53.1.x86_64",
                        product: {
                           name: "kernel-syms-3.0.101-0.7.53.1.x86_64",
                           product_id: "kernel-syms-3.0.101-0.7.53.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-trace-3.0.101-0.7.53.1.x86_64",
                        product: {
                           name: "kernel-trace-3.0.101-0.7.53.1.x86_64",
                           product_id: "kernel-trace-3.0.101-0.7.53.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                        product: {
                           name: "kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                           product_id: "kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                        product: {
                           name: "kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                           product_id: "kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-xen-3.0.101-0.7.53.1.x86_64",
                        product: {
                           name: "kernel-xen-3.0.101-0.7.53.1.x86_64",
                           product_id: "kernel-xen-3.0.101-0.7.53.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                        product: {
                           name: "kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                           product_id: "kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
                        product: {
                           name: "kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
                           product_id: "kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "x86_64",
               },
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Server 11 SP2-LTSS",
                        product: {
                           name: "SUSE Linux Enterprise Server 11 SP2-LTSS",
                           product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:suse_sles_ltss:11:sp2",
                           },
                        },
                     },
                  ],
                  category: "product_family",
                  name: "SUSE Linux Enterprise",
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
      ],
      relationships: [
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-default-3.0.101-0.7.53.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
            },
            product_reference: "kernel-default-3.0.101-0.7.53.1.i586",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-default-3.0.101-0.7.53.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
            },
            product_reference: "kernel-default-3.0.101-0.7.53.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-default-3.0.101-0.7.53.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
            },
            product_reference: "kernel-default-3.0.101-0.7.53.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-default-base-3.0.101-0.7.53.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
            },
            product_reference: "kernel-default-base-3.0.101-0.7.53.1.i586",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-default-base-3.0.101-0.7.53.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
            },
            product_reference: "kernel-default-base-3.0.101-0.7.53.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-default-base-3.0.101-0.7.53.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
            },
            product_reference: "kernel-default-base-3.0.101-0.7.53.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-default-devel-3.0.101-0.7.53.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
            },
            product_reference: "kernel-default-devel-3.0.101-0.7.53.1.i586",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-default-devel-3.0.101-0.7.53.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
            },
            product_reference: "kernel-default-devel-3.0.101-0.7.53.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-default-devel-3.0.101-0.7.53.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
            },
            product_reference: "kernel-default-devel-3.0.101-0.7.53.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-default-man-3.0.101-0.7.53.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
            },
            product_reference: "kernel-default-man-3.0.101-0.7.53.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-ec2-3.0.101-0.7.53.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
            },
            product_reference: "kernel-ec2-3.0.101-0.7.53.1.i586",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-ec2-3.0.101-0.7.53.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
            },
            product_reference: "kernel-ec2-3.0.101-0.7.53.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-ec2-base-3.0.101-0.7.53.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
            },
            product_reference: "kernel-ec2-base-3.0.101-0.7.53.1.i586",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-ec2-base-3.0.101-0.7.53.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
            },
            product_reference: "kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-ec2-devel-3.0.101-0.7.53.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
            },
            product_reference: "kernel-ec2-devel-3.0.101-0.7.53.1.i586",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-ec2-devel-3.0.101-0.7.53.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
            },
            product_reference: "kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-pae-3.0.101-0.7.53.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
            },
            product_reference: "kernel-pae-3.0.101-0.7.53.1.i586",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-pae-base-3.0.101-0.7.53.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
            },
            product_reference: "kernel-pae-base-3.0.101-0.7.53.1.i586",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-pae-devel-3.0.101-0.7.53.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
            },
            product_reference: "kernel-pae-devel-3.0.101-0.7.53.1.i586",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-source-3.0.101-0.7.53.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
            },
            product_reference: "kernel-source-3.0.101-0.7.53.1.i586",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-source-3.0.101-0.7.53.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
            },
            product_reference: "kernel-source-3.0.101-0.7.53.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-source-3.0.101-0.7.53.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
            },
            product_reference: "kernel-source-3.0.101-0.7.53.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-syms-3.0.101-0.7.53.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
            },
            product_reference: "kernel-syms-3.0.101-0.7.53.1.i586",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-syms-3.0.101-0.7.53.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
            },
            product_reference: "kernel-syms-3.0.101-0.7.53.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-syms-3.0.101-0.7.53.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
            },
            product_reference: "kernel-syms-3.0.101-0.7.53.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-trace-3.0.101-0.7.53.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
            },
            product_reference: "kernel-trace-3.0.101-0.7.53.1.i586",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-trace-3.0.101-0.7.53.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
            },
            product_reference: "kernel-trace-3.0.101-0.7.53.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-trace-3.0.101-0.7.53.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
            },
            product_reference: "kernel-trace-3.0.101-0.7.53.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-trace-base-3.0.101-0.7.53.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
            },
            product_reference: "kernel-trace-base-3.0.101-0.7.53.1.i586",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-trace-base-3.0.101-0.7.53.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
            },
            product_reference: "kernel-trace-base-3.0.101-0.7.53.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-trace-base-3.0.101-0.7.53.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
            },
            product_reference: "kernel-trace-base-3.0.101-0.7.53.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-trace-devel-3.0.101-0.7.53.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
            },
            product_reference: "kernel-trace-devel-3.0.101-0.7.53.1.i586",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-trace-devel-3.0.101-0.7.53.1.s390x as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
            },
            product_reference: "kernel-trace-devel-3.0.101-0.7.53.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-trace-devel-3.0.101-0.7.53.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
            },
            product_reference: "kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-xen-3.0.101-0.7.53.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
            },
            product_reference: "kernel-xen-3.0.101-0.7.53.1.i586",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-xen-3.0.101-0.7.53.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
            },
            product_reference: "kernel-xen-3.0.101-0.7.53.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-xen-base-3.0.101-0.7.53.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
            },
            product_reference: "kernel-xen-base-3.0.101-0.7.53.1.i586",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-xen-base-3.0.101-0.7.53.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
            },
            product_reference: "kernel-xen-base-3.0.101-0.7.53.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-xen-devel-3.0.101-0.7.53.1.i586 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
            },
            product_reference: "kernel-xen-devel-3.0.101-0.7.53.1.i586",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-xen-devel-3.0.101-0.7.53.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP2-LTSS",
               product_id: "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            },
            product_reference: "kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP2-LTSS",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2004-0230",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2004-0230",
            },
         ],
         notes: [
            {
               category: "general",
               text: "TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2004-0230",
               url: "https://www.suse.com/security/cve/CVE-2004-0230",
            },
            {
               category: "external",
               summary: "SUSE Bug 1184394 for CVE-2004-0230",
               url: "https://bugzilla.suse.com/1184394",
            },
            {
               category: "external",
               summary: "SUSE Bug 1198501 for CVE-2004-0230",
               url: "https://bugzilla.suse.com/1198501",
            },
            {
               category: "external",
               summary: "SUSE Bug 1206598 for CVE-2004-0230",
               url: "https://bugzilla.suse.com/1206598",
            },
            {
               category: "external",
               summary: "SUSE Bug 969340 for CVE-2004-0230",
               url: "https://bugzilla.suse.com/969340",
            },
            {
               category: "external",
               summary: "SUSE Bug 989152 for CVE-2004-0230",
               url: "https://bugzilla.suse.com/989152",
            },
            {
               category: "external",
               summary: "SUSE Bug 992991 for CVE-2004-0230",
               url: "https://bugzilla.suse.com/992991",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 3.7,
                  baseSeverity: "LOW",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2004-0230",
      },
      {
         cve: "CVE-2012-6704",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2012-6704",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUF or (2) SO_RCVBUF option.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2012-6704",
               url: "https://www.suse.com/security/cve/CVE-2012-6704",
            },
            {
               category: "external",
               summary: "SUSE Bug 1013531 for CVE-2012-6704",
               url: "https://bugzilla.suse.com/1013531",
            },
            {
               category: "external",
               summary: "SUSE Bug 1013542 for CVE-2012-6704",
               url: "https://bugzilla.suse.com/1013542",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2012-6704",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.7,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2012-6704",
      },
      {
         cve: "CVE-2013-4312",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2013-4312",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The Linux kernel before 4.4.1 allows local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unix.c and net/unix/garbage.c.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2013-4312",
               url: "https://www.suse.com/security/cve/CVE-2013-4312",
            },
            {
               category: "external",
               summary: "SUSE Bug 1020452 for CVE-2013-4312",
               url: "https://bugzilla.suse.com/1020452",
            },
            {
               category: "external",
               summary: "SUSE Bug 839104 for CVE-2013-4312",
               url: "https://bugzilla.suse.com/839104",
            },
            {
               category: "external",
               summary: "SUSE Bug 922947 for CVE-2013-4312",
               url: "https://bugzilla.suse.com/922947",
            },
            {
               category: "external",
               summary: "SUSE Bug 968014 for CVE-2013-4312",
               url: "https://bugzilla.suse.com/968014",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.2,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2013-4312",
      },
      {
         cve: "CVE-2015-1350",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2015-1350",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2015-1350",
               url: "https://www.suse.com/security/cve/CVE-2015-1350",
            },
            {
               category: "external",
               summary: "SUSE Bug 1052256 for CVE-2015-1350",
               url: "https://bugzilla.suse.com/1052256",
            },
            {
               category: "external",
               summary: "SUSE Bug 914939 for CVE-2015-1350",
               url: "https://bugzilla.suse.com/914939",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2015-1350",
      },
      {
         cve: "CVE-2015-7513",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2015-7513",
            },
         ],
         notes: [
            {
               category: "general",
               text: "arch/x86/kvm/x86.c in the Linux kernel before 4.4 does not reset the PIT counter values during state restoration, which allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_vm_ioctl_set_pit and kvm_vm_ioctl_set_pit2 functions.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2015-7513",
               url: "https://www.suse.com/security/cve/CVE-2015-7513",
            },
            {
               category: "external",
               summary: "SUSE Bug 1020452 for CVE-2015-7513",
               url: "https://bugzilla.suse.com/1020452",
            },
            {
               category: "external",
               summary: "SUSE Bug 960689 for CVE-2015-7513",
               url: "https://bugzilla.suse.com/960689",
            },
            {
               category: "external",
               summary: "SUSE Bug 987709 for CVE-2015-7513",
               url: "https://bugzilla.suse.com/987709",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2015-7513",
      },
      {
         cve: "CVE-2015-7833",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2015-7833",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The usbvision driver in the Linux kernel package 3.10.0-123.20.1.el7 through 3.10.0-229.14.1.el7 in Red Hat Enterprise Linux (RHEL) 7.1 allows physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in a USB device descriptor.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2015-7833",
               url: "https://www.suse.com/security/cve/CVE-2015-7833",
            },
            {
               category: "external",
               summary: "SUSE Bug 1020452 for CVE-2015-7833",
               url: "https://bugzilla.suse.com/1020452",
            },
            {
               category: "external",
               summary: "SUSE Bug 950998 for CVE-2015-7833",
               url: "https://bugzilla.suse.com/950998",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.6,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2015-7833",
      },
      {
         cve: "CVE-2015-8956",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2015-8956",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2015-8956",
               url: "https://www.suse.com/security/cve/CVE-2015-8956",
            },
            {
               category: "external",
               summary: "SUSE Bug 1003925 for CVE-2015-8956",
               url: "https://bugzilla.suse.com/1003925",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2015-8956",
      },
      {
         cve: "CVE-2015-8962",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2015-8962",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2015-8962",
               url: "https://www.suse.com/security/cve/CVE-2015-8962",
            },
            {
               category: "external",
               summary: "SUSE Bug 1010501 for CVE-2015-8962",
               url: "https://bugzilla.suse.com/1010501",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2015-8962",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2015-8962",
      },
      {
         cve: "CVE-2015-8964",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2015-8964",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive information from kernel memory by reading a tty data structure.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2015-8964",
               url: "https://www.suse.com/security/cve/CVE-2015-8964",
            },
            {
               category: "external",
               summary: "SUSE Bug 1010507 for CVE-2015-8964",
               url: "https://bugzilla.suse.com/1010507",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 3.3,
                  baseSeverity: "LOW",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2015-8964",
      },
      {
         cve: "CVE-2016-0823",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-0823",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel before 3.19.3, as used in Android 6.0.1 before 2016-03-01, allows local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-0823",
               url: "https://www.suse.com/security/cve/CVE-2016-0823",
            },
            {
               category: "external",
               summary: "SUSE Bug 987709 for CVE-2016-0823",
               url: "https://bugzilla.suse.com/987709",
            },
            {
               category: "external",
               summary: "SUSE Bug 994759 for CVE-2016-0823",
               url: "https://bugzilla.suse.com/994759",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2016-0823",
      },
      {
         cve: "CVE-2016-10088",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-10088",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-10088",
               url: "https://www.suse.com/security/cve/CVE-2016-10088",
            },
            {
               category: "external",
               summary: "SUSE Bug 1013604 for CVE-2016-10088",
               url: "https://bugzilla.suse.com/1013604",
            },
            {
               category: "external",
               summary: "SUSE Bug 1014271 for CVE-2016-10088",
               url: "https://bugzilla.suse.com/1014271",
            },
            {
               category: "external",
               summary: "SUSE Bug 1017710 for CVE-2016-10088",
               url: "https://bugzilla.suse.com/1017710",
            },
            {
               category: "external",
               summary: "SUSE Bug 1019079 for CVE-2016-10088",
               url: "https://bugzilla.suse.com/1019079",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2016-10088",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "important",
            },
         ],
         title: "CVE-2016-10088",
      },
      {
         cve: "CVE-2016-1583",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-1583",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-1583",
               url: "https://www.suse.com/security/cve/CVE-2016-1583",
            },
            {
               category: "external",
               summary: "SUSE Bug 1020452 for CVE-2016-1583",
               url: "https://bugzilla.suse.com/1020452",
            },
            {
               category: "external",
               summary: "SUSE Bug 1052256 for CVE-2016-1583",
               url: "https://bugzilla.suse.com/1052256",
            },
            {
               category: "external",
               summary: "SUSE Bug 983143 for CVE-2016-1583",
               url: "https://bugzilla.suse.com/983143",
            },
            {
               category: "external",
               summary: "SUSE Bug 983144 for CVE-2016-1583",
               url: "https://bugzilla.suse.com/983144",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "important",
            },
         ],
         title: "CVE-2016-1583",
      },
      {
         cve: "CVE-2016-2187",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-2187",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel through 4.5.2 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-2187",
               url: "https://www.suse.com/security/cve/CVE-2016-2187",
            },
            {
               category: "external",
               summary: "SUSE Bug 1020452 for CVE-2016-2187",
               url: "https://bugzilla.suse.com/1020452",
            },
            {
               category: "external",
               summary: "SUSE Bug 971919 for CVE-2016-2187",
               url: "https://bugzilla.suse.com/971919",
            },
            {
               category: "external",
               summary: "SUSE Bug 971944 for CVE-2016-2187",
               url: "https://bugzilla.suse.com/971944",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.6,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2016-2187",
      },
      {
         cve: "CVE-2016-2189",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-2189",
            },
         ],
         notes: [
            {
               category: "general",
               text: "** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-2016-4565.  Reason: This candidate is a reservation duplicate of CVE-2016-4565.  Notes: All CVE users should reference CVE-2016-4565 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-2189",
               url: "https://www.suse.com/security/cve/CVE-2016-2189",
            },
            {
               category: "external",
               summary: "SUSE Bug 979548 for CVE-2016-2189",
               url: "https://bugzilla.suse.com/979548",
            },
            {
               category: "external",
               summary: "SUSE Bug 980363 for CVE-2016-2189",
               url: "https://bugzilla.suse.com/980363",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2016-2189",
      },
      {
         cve: "CVE-2016-3841",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-3841",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The IPv6 stack in the Linux kernel before 4.3.3 mishandles options data, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-3841",
               url: "https://www.suse.com/security/cve/CVE-2016-3841",
            },
            {
               category: "external",
               summary: "SUSE Bug 1052256 for CVE-2016-3841",
               url: "https://bugzilla.suse.com/1052256",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2016-3841",
               url: "https://bugzilla.suse.com/1115893",
            },
            {
               category: "external",
               summary: "SUSE Bug 992566 for CVE-2016-3841",
               url: "https://bugzilla.suse.com/992566",
            },
            {
               category: "external",
               summary: "SUSE Bug 992569 for CVE-2016-3841",
               url: "https://bugzilla.suse.com/992569",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.3,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2016-3841",
      },
      {
         cve: "CVE-2016-4470",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-4470",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-4470",
               url: "https://www.suse.com/security/cve/CVE-2016-4470",
            },
            {
               category: "external",
               summary: "SUSE Bug 1020452 for CVE-2016-4470",
               url: "https://bugzilla.suse.com/1020452",
            },
            {
               category: "external",
               summary: "SUSE Bug 984755 for CVE-2016-4470",
               url: "https://bugzilla.suse.com/984755",
            },
            {
               category: "external",
               summary: "SUSE Bug 984764 for CVE-2016-4470",
               url: "https://bugzilla.suse.com/984764",
            },
            {
               category: "external",
               summary: "SUSE Bug 991651 for CVE-2016-4470",
               url: "https://bugzilla.suse.com/991651",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2016-4470",
      },
      {
         cve: "CVE-2016-4482",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-4482",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-4482",
               url: "https://www.suse.com/security/cve/CVE-2016-4482",
            },
            {
               category: "external",
               summary: "SUSE Bug 1020452 for CVE-2016-4482",
               url: "https://bugzilla.suse.com/1020452",
            },
            {
               category: "external",
               summary: "SUSE Bug 978401 for CVE-2016-4482",
               url: "https://bugzilla.suse.com/978401",
            },
            {
               category: "external",
               summary: "SUSE Bug 978445 for CVE-2016-4482",
               url: "https://bugzilla.suse.com/978445",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.2,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "low",
            },
         ],
         title: "CVE-2016-4482",
      },
      {
         cve: "CVE-2016-4485",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-4485",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-4485",
               url: "https://www.suse.com/security/cve/CVE-2016-4485",
            },
            {
               category: "external",
               summary: "SUSE Bug 1020452 for CVE-2016-4485",
               url: "https://bugzilla.suse.com/1020452",
            },
            {
               category: "external",
               summary: "SUSE Bug 978821 for CVE-2016-4485",
               url: "https://bugzilla.suse.com/978821",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2016-4485",
      },
      {
         cve: "CVE-2016-4565",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-4565",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-4565",
               url: "https://www.suse.com/security/cve/CVE-2016-4565",
            },
            {
               category: "external",
               summary: "SUSE Bug 1020452 for CVE-2016-4565",
               url: "https://bugzilla.suse.com/1020452",
            },
            {
               category: "external",
               summary: "SUSE Bug 979548 for CVE-2016-4565",
               url: "https://bugzilla.suse.com/979548",
            },
            {
               category: "external",
               summary: "SUSE Bug 980363 for CVE-2016-4565",
               url: "https://bugzilla.suse.com/980363",
            },
            {
               category: "external",
               summary: "SUSE Bug 980883 for CVE-2016-4565",
               url: "https://bugzilla.suse.com/980883",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2016-4565",
      },
      {
         cve: "CVE-2016-4569",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-4569",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-4569",
               url: "https://www.suse.com/security/cve/CVE-2016-4569",
            },
            {
               category: "external",
               summary: "SUSE Bug 1020452 for CVE-2016-4569",
               url: "https://bugzilla.suse.com/1020452",
            },
            {
               category: "external",
               summary: "SUSE Bug 979213 for CVE-2016-4569",
               url: "https://bugzilla.suse.com/979213",
            },
            {
               category: "external",
               summary: "SUSE Bug 979879 for CVE-2016-4569",
               url: "https://bugzilla.suse.com/979879",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 3.3,
                  baseSeverity: "LOW",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "low",
            },
         ],
         title: "CVE-2016-4569",
      },
      {
         cve: "CVE-2016-4578",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-4578",
            },
         ],
         notes: [
            {
               category: "general",
               text: "sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-4578",
               url: "https://www.suse.com/security/cve/CVE-2016-4578",
            },
            {
               category: "external",
               summary: "SUSE Bug 1020452 for CVE-2016-4578",
               url: "https://bugzilla.suse.com/1020452",
            },
            {
               category: "external",
               summary: "SUSE Bug 1052256 for CVE-2016-4578",
               url: "https://bugzilla.suse.com/1052256",
            },
            {
               category: "external",
               summary: "SUSE Bug 979879 for CVE-2016-4578",
               url: "https://bugzilla.suse.com/979879",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "low",
            },
         ],
         title: "CVE-2016-4578",
      },
      {
         cve: "CVE-2016-4580",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-4580",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel before 4.5.5 does not properly initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory via an X.25 Call Request.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-4580",
               url: "https://www.suse.com/security/cve/CVE-2016-4580",
            },
            {
               category: "external",
               summary: "SUSE Bug 870618 for CVE-2016-4580",
               url: "https://bugzilla.suse.com/870618",
            },
            {
               category: "external",
               summary: "SUSE Bug 981267 for CVE-2016-4580",
               url: "https://bugzilla.suse.com/981267",
            },
            {
               category: "external",
               summary: "SUSE Bug 985132 for CVE-2016-4580",
               url: "https://bugzilla.suse.com/985132",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "low",
            },
         ],
         title: "CVE-2016-4580",
      },
      {
         cve: "CVE-2016-4805",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-4805",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net_channel and ppp_unregister_channel functions.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-4805",
               url: "https://www.suse.com/security/cve/CVE-2016-4805",
            },
            {
               category: "external",
               summary: "SUSE Bug 1020452 for CVE-2016-4805",
               url: "https://bugzilla.suse.com/1020452",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2016-4805",
               url: "https://bugzilla.suse.com/1115893",
            },
            {
               category: "external",
               summary: "SUSE Bug 980371 for CVE-2016-4805",
               url: "https://bugzilla.suse.com/980371",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "low",
            },
         ],
         title: "CVE-2016-4805",
      },
      {
         cve: "CVE-2016-4913",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-4913",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \\0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-4913",
               url: "https://www.suse.com/security/cve/CVE-2016-4913",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2016-4913",
               url: "https://bugzilla.suse.com/1115893",
            },
            {
               category: "external",
               summary: "SUSE Bug 870618 for CVE-2016-4913",
               url: "https://bugzilla.suse.com/870618",
            },
            {
               category: "external",
               summary: "SUSE Bug 980725 for CVE-2016-4913",
               url: "https://bugzilla.suse.com/980725",
            },
            {
               category: "external",
               summary: "SUSE Bug 985132 for CVE-2016-4913",
               url: "https://bugzilla.suse.com/985132",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2016-4913",
      },
      {
         cve: "CVE-2016-4997",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-4997",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-4997",
               url: "https://www.suse.com/security/cve/CVE-2016-4997",
            },
            {
               category: "external",
               summary: "SUSE Bug 1020452 for CVE-2016-4997",
               url: "https://bugzilla.suse.com/1020452",
            },
            {
               category: "external",
               summary: "SUSE Bug 986362 for CVE-2016-4997",
               url: "https://bugzilla.suse.com/986362",
            },
            {
               category: "external",
               summary: "SUSE Bug 986365 for CVE-2016-4997",
               url: "https://bugzilla.suse.com/986365",
            },
            {
               category: "external",
               summary: "SUSE Bug 986377 for CVE-2016-4997",
               url: "https://bugzilla.suse.com/986377",
            },
            {
               category: "external",
               summary: "SUSE Bug 991651 for CVE-2016-4997",
               url: "https://bugzilla.suse.com/991651",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "important",
            },
         ],
         title: "CVE-2016-4997",
      },
      {
         cve: "CVE-2016-5244",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-5244",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-5244",
               url: "https://www.suse.com/security/cve/CVE-2016-5244",
            },
            {
               category: "external",
               summary: "SUSE Bug 983213 for CVE-2016-5244",
               url: "https://bugzilla.suse.com/983213",
            },
            {
               category: "external",
               summary: "SUSE Bug 986225 for CVE-2016-5244",
               url: "https://bugzilla.suse.com/986225",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.5,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2016-5244",
      },
      {
         cve: "CVE-2016-5829",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-5829",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-5829",
               url: "https://www.suse.com/security/cve/CVE-2016-5829",
            },
            {
               category: "external",
               summary: "SUSE Bug 1053919 for CVE-2016-5829",
               url: "https://bugzilla.suse.com/1053919",
            },
            {
               category: "external",
               summary: "SUSE Bug 1054127 for CVE-2016-5829",
               url: "https://bugzilla.suse.com/1054127",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2016-5829",
               url: "https://bugzilla.suse.com/1115893",
            },
            {
               category: "external",
               summary: "SUSE Bug 986572 for CVE-2016-5829",
               url: "https://bugzilla.suse.com/986572",
            },
            {
               category: "external",
               summary: "SUSE Bug 986573 for CVE-2016-5829",
               url: "https://bugzilla.suse.com/986573",
            },
            {
               category: "external",
               summary: "SUSE Bug 991651 for CVE-2016-5829",
               url: "https://bugzilla.suse.com/991651",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2016-5829",
      },
      {
         cve: "CVE-2016-6480",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-6480",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a \"double fetch\" vulnerability.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-6480",
               url: "https://www.suse.com/security/cve/CVE-2016-6480",
            },
            {
               category: "external",
               summary: "SUSE Bug 1004418 for CVE-2016-6480",
               url: "https://bugzilla.suse.com/1004418",
            },
            {
               category: "external",
               summary: "SUSE Bug 991608 for CVE-2016-6480",
               url: "https://bugzilla.suse.com/991608",
            },
            {
               category: "external",
               summary: "SUSE Bug 991667 for CVE-2016-6480",
               url: "https://bugzilla.suse.com/991667",
            },
            {
               category: "external",
               summary: "SUSE Bug 992568 for CVE-2016-6480",
               url: "https://bugzilla.suse.com/992568",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.1,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2016-6480",
      },
      {
         cve: "CVE-2016-6828",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-6828",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The tcp_check_send_head function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, which allows local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-6828",
               url: "https://www.suse.com/security/cve/CVE-2016-6828",
            },
            {
               category: "external",
               summary: "SUSE Bug 1052256 for CVE-2016-6828",
               url: "https://bugzilla.suse.com/1052256",
            },
            {
               category: "external",
               summary: "SUSE Bug 994296 for CVE-2016-6828",
               url: "https://bugzilla.suse.com/994296",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2016-6828",
      },
      {
         cve: "CVE-2016-7042",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-7042",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-7042",
               url: "https://www.suse.com/security/cve/CVE-2016-7042",
            },
            {
               category: "external",
               summary: "SUSE Bug 1004517 for CVE-2016-7042",
               url: "https://bugzilla.suse.com/1004517",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.2,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2016-7042",
      },
      {
         cve: "CVE-2016-7097",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-7097",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-7097",
               url: "https://www.suse.com/security/cve/CVE-2016-7097",
            },
            {
               category: "external",
               summary: "SUSE Bug 1021258 for CVE-2016-7097",
               url: "https://bugzilla.suse.com/1021258",
            },
            {
               category: "external",
               summary: "SUSE Bug 1052256 for CVE-2016-7097",
               url: "https://bugzilla.suse.com/1052256",
            },
            {
               category: "external",
               summary: "SUSE Bug 870618 for CVE-2016-7097",
               url: "https://bugzilla.suse.com/870618",
            },
            {
               category: "external",
               summary: "SUSE Bug 995968 for CVE-2016-7097",
               url: "https://bugzilla.suse.com/995968",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "low",
            },
         ],
         title: "CVE-2016-7097",
      },
      {
         cve: "CVE-2016-7117",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-7117",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-7117",
               url: "https://www.suse.com/security/cve/CVE-2016-7117",
            },
            {
               category: "external",
               summary: "SUSE Bug 1003077 for CVE-2016-7117",
               url: "https://bugzilla.suse.com/1003077",
            },
            {
               category: "external",
               summary: "SUSE Bug 1003253 for CVE-2016-7117",
               url: "https://bugzilla.suse.com/1003253",
            },
            {
               category: "external",
               summary: "SUSE Bug 1057478 for CVE-2016-7117",
               url: "https://bugzilla.suse.com/1057478",
            },
            {
               category: "external",
               summary: "SUSE Bug 1071943 for CVE-2016-7117",
               url: "https://bugzilla.suse.com/1071943",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2016-7117",
      },
      {
         cve: "CVE-2016-7425",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-7425",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-7425",
               url: "https://www.suse.com/security/cve/CVE-2016-7425",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2016-7425",
               url: "https://bugzilla.suse.com/1115893",
            },
            {
               category: "external",
               summary: "SUSE Bug 999932 for CVE-2016-7425",
               url: "https://bugzilla.suse.com/999932",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2016-7425",
      },
      {
         cve: "CVE-2016-7910",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-7910",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-7910",
               url: "https://www.suse.com/security/cve/CVE-2016-7910",
            },
            {
               category: "external",
               summary: "SUSE Bug 1010716 for CVE-2016-7910",
               url: "https://bugzilla.suse.com/1010716",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2016-7910",
               url: "https://bugzilla.suse.com/1115893",
            },
            {
               category: "external",
               summary: "SUSE Bug 1196722 for CVE-2016-7910",
               url: "https://bugzilla.suse.com/1196722",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2016-7910",
      },
      {
         cve: "CVE-2016-7911",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-7911",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-7911",
               url: "https://www.suse.com/security/cve/CVE-2016-7911",
            },
            {
               category: "external",
               summary: "SUSE Bug 1010711 for CVE-2016-7911",
               url: "https://bugzilla.suse.com/1010711",
            },
            {
               category: "external",
               summary: "SUSE Bug 1010713 for CVE-2016-7911",
               url: "https://bugzilla.suse.com/1010713",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2016-7911",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2016-7911",
      },
      {
         cve: "CVE-2016-7916",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-7916",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Race condition in the environ_read function in fs/proc/base.c in the Linux kernel before 4.5.4 allows local users to obtain sensitive information from kernel memory by reading a /proc/*/environ file during a process-setup time interval in which environment-variable copying is incomplete.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-7916",
               url: "https://www.suse.com/security/cve/CVE-2016-7916",
            },
            {
               category: "external",
               summary: "SUSE Bug 1010467 for CVE-2016-7916",
               url: "https://bugzilla.suse.com/1010467",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2016-7916",
      },
      {
         cve: "CVE-2016-8399",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-8399",
            },
         ],
         notes: [
            {
               category: "general",
               text: "An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31349935.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-8399",
               url: "https://www.suse.com/security/cve/CVE-2016-8399",
            },
            {
               category: "external",
               summary: "SUSE Bug 1014746 for CVE-2016-8399",
               url: "https://bugzilla.suse.com/1014746",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2016-8399",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2016-8399",
      },
      {
         cve: "CVE-2016-8632",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-8632",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The tipc_msg_build function in net/tipc/msg.c in the Linux kernel through 4.8.11 does not validate the relationship between the minimum fragment length and the maximum packet size, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-8632",
               url: "https://www.suse.com/security/cve/CVE-2016-8632",
            },
            {
               category: "external",
               summary: "SUSE Bug 1008831 for CVE-2016-8632",
               url: "https://bugzilla.suse.com/1008831",
            },
            {
               category: "external",
               summary: "SUSE Bug 1012852 for CVE-2016-8632",
               url: "https://bugzilla.suse.com/1012852",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2016-8632",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2016-8632",
      },
      {
         cve: "CVE-2016-8633",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-8633",
            },
         ],
         notes: [
            {
               category: "general",
               text: "drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-8633",
               url: "https://www.suse.com/security/cve/CVE-2016-8633",
            },
            {
               category: "external",
               summary: "SUSE Bug 1008833 for CVE-2016-8633",
               url: "https://bugzilla.suse.com/1008833",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.8,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2016-8633",
      },
      {
         cve: "CVE-2016-8646",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-8646",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The hash_accept function in crypto/algif_hash.c in the Linux kernel before 4.3.6 allows local users to cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-8646",
               url: "https://www.suse.com/security/cve/CVE-2016-8646",
            },
            {
               category: "external",
               summary: "SUSE Bug 1010150 for CVE-2016-8646",
               url: "https://bugzilla.suse.com/1010150",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2016-8646",
      },
      {
         cve: "CVE-2016-9555",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-9555",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-9555",
               url: "https://www.suse.com/security/cve/CVE-2016-9555",
            },
            {
               category: "external",
               summary: "SUSE Bug 1011685 for CVE-2016-9555",
               url: "https://bugzilla.suse.com/1011685",
            },
            {
               category: "external",
               summary: "SUSE Bug 1012183 for CVE-2016-9555",
               url: "https://bugzilla.suse.com/1012183",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2016-9555",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.9,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "important",
            },
         ],
         title: "CVE-2016-9555",
      },
      {
         cve: "CVE-2016-9685",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-9685",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel before 4.5.1 allow local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-9685",
               url: "https://www.suse.com/security/cve/CVE-2016-9685",
            },
            {
               category: "external",
               summary: "SUSE Bug 1012832 for CVE-2016-9685",
               url: "https://bugzilla.suse.com/1012832",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "low",
            },
         ],
         title: "CVE-2016-9685",
      },
      {
         cve: "CVE-2016-9756",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-9756",
            },
         ],
         notes: [
            {
               category: "general",
               text: "arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not properly initialize Code Segment (CS) in certain error cases, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-9756",
               url: "https://www.suse.com/security/cve/CVE-2016-9756",
            },
            {
               category: "external",
               summary: "SUSE Bug 1013038 for CVE-2016-9756",
               url: "https://bugzilla.suse.com/1013038",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.1,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2016-9756",
      },
      {
         cve: "CVE-2016-9793",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2016-9793",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2016-9793",
               url: "https://www.suse.com/security/cve/CVE-2016-9793",
            },
            {
               category: "external",
               summary: "SUSE Bug 1013531 for CVE-2016-9793",
               url: "https://bugzilla.suse.com/1013531",
            },
            {
               category: "external",
               summary: "SUSE Bug 1013542 for CVE-2016-9793",
               url: "https://bugzilla.suse.com/1013542",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2016-9793",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "moderate",
            },
         ],
         title: "CVE-2016-9793",
      },
      {
         cve: "CVE-2017-5551",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-5551",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-7097.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
               "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-5551",
               url: "https://www.suse.com/security/cve/CVE-2017-5551",
            },
            {
               category: "external",
               summary: "SUSE Bug 1021258 for CVE-2017-5551",
               url: "https://bugzilla.suse.com/1021258",
            },
            {
               category: "external",
               summary: "SUSE Bug 995968 for CVE-2017-5551",
               url: "https://bugzilla.suse.com/995968",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-default-man-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-ec2-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-pae-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-source-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-syms-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.s390x",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-trace-devel-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-base-3.0.101-0.7.53.1.x86_64",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.i586",
                  "SUSE Linux Enterprise Server 11 SP2-LTSS:kernel-xen-devel-3.0.101-0.7.53.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-01-30T16:03:00Z",
               details: "low",
            },
         ],
         title: "CVE-2017-5551",
      },
   ],
}

cve-2016-2187

Vulnerability from cvelistv5

Published

2016-05-02 10:00

Modified

2024-08-05 23:24

Severity ?

Summary

The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel through 4.5.2 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

References

▼	URL	Tags
	http://www.ubuntu.com/usn/USN-3006-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3004-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3001-1	vendor-advisory, x_refsource_UBUNTU
	https://github.com/torvalds/linux/commit/162f98dea487206d9ab79fc12ed64700667a894d	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3005-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html	vendor-advisory, x_refsource_SUSE
	http://www.securityfocus.com/bid/85425	vdb-entry, x_refsource_BID
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=162f98dea487206d9ab79fc12ed64700667a894d	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2997-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3000-1	vendor-advisory, x_refsource_UBUNTU
	http://www.debian.org/security/2016/dsa-3607	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-3002-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2996-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2989-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3007-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3003-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2998-1	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1317017	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T23:24:48.182Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "USN-3006-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3006-1",
               },
               {
                  name: "USN-3004-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3004-1",
               },
               {
                  name: "USN-3001-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3001-1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/162f98dea487206d9ab79fc12ed64700667a894d",
               },
               {
                  name: "USN-3005-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3005-1",
               },
               {
                  name: "SUSE-SU-2016:1985",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
               },
               {
                  name: "85425",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/85425",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=162f98dea487206d9ab79fc12ed64700667a894d",
               },
               {
                  name: "USN-2997-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2997-1",
               },
               {
                  name: "USN-3000-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3000-1",
               },
               {
                  name: "DSA-3607",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2016/dsa-3607",
               },
               {
                  name: "USN-3002-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3002-1",
               },
               {
                  name: "USN-2996-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2996-1",
               },
               {
                  name: "SUSE-SU-2016:1672",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
               },
               {
                  name: "USN-2989-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2989-1",
               },
               {
                  name: "USN-3007-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3007-1",
               },
               {
                  name: "USN-3003-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3003-1",
               },
               {
                  name: "USN-2998-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2998-1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1317017",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-04-27T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel through 4.5.2 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2016-11-25T20:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "USN-3006-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3006-1",
            },
            {
               name: "USN-3004-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3004-1",
            },
            {
               name: "USN-3001-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3001-1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/162f98dea487206d9ab79fc12ed64700667a894d",
            },
            {
               name: "USN-3005-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3005-1",
            },
            {
               name: "SUSE-SU-2016:1985",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
            },
            {
               name: "85425",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/85425",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=162f98dea487206d9ab79fc12ed64700667a894d",
            },
            {
               name: "USN-2997-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2997-1",
            },
            {
               name: "USN-3000-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3000-1",
            },
            {
               name: "DSA-3607",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2016/dsa-3607",
            },
            {
               name: "USN-3002-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3002-1",
            },
            {
               name: "USN-2996-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2996-1",
            },
            {
               name: "SUSE-SU-2016:1672",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
            },
            {
               name: "USN-2989-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2989-1",
            },
            {
               name: "USN-3007-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3007-1",
            },
            {
               name: "USN-3003-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3003-1",
            },
            {
               name: "USN-2998-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2998-1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1317017",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2016-2187",
      datePublished: "2016-05-02T10:00:00",
      dateReserved: "2016-01-29T00:00:00",
      dateUpdated: "2024-08-05T23:24:48.182Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-9555

Vulnerability from cvelistv5

Published

2016-11-28 03:01

Modified

2024-08-06 02:50

Severity ?

Summary

The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data.

References

▼	URL	Tags
	http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00044.html	vendor-advisory, x_refsource_SUSE
	https://bto.bluecoat.com/security-advisory/sa134	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00077.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00067.html	vendor-advisory, x_refsource_SUSE
	http://www.securitytracker.com/id/1037339	vdb-entry, x_refsource_SECTRACK
	http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00056.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00073.html	vendor-advisory, x_refsource_SUSE
	https://github.com/torvalds/linux/commit/bf911e985d6bbaa328c20c3e05f4eb03de11fdd6	x_refsource_CONFIRM
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.8	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bf911e985d6bbaa328c20c3e05f4eb03de11fdd6	x_refsource_CONFIRM
	https://groups.google.com/forum/#%21topic/syzkaller/pAUcHsUJbjk	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2017-0086.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2017-0113.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2017-0091.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/94479	vdb-entry, x_refsource_BID
	http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00087.html	vendor-advisory, x_refsource_SUSE
	http://www.openwall.com/lists/oss-security/2016/11/22/18	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00070.html	vendor-advisory, x_refsource_SUSE
	https://bugzilla.redhat.com/show_bug.cgi?id=1397930	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00055.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00054.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2017-0307.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00076.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T02:50:38.588Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "SUSE-SU-2016:3096",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00044.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bto.bluecoat.com/security-advisory/sa134",
               },
               {
                  name: "SUSE-SU-2016:3206",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00077.html",
               },
               {
                  name: "SUSE-SU-2016:3169",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00067.html",
               },
               {
                  name: "1037339",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1037339",
               },
               {
                  name: "SUSE-SU-2016:3117",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00056.html",
               },
               {
                  name: "SUSE-SU-2016:3197",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00073.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/bf911e985d6bbaa328c20c3e05f4eb03de11fdd6",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.8",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bf911e985d6bbaa328c20c3e05f4eb03de11fdd6",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://groups.google.com/forum/#%21topic/syzkaller/pAUcHsUJbjk",
               },
               {
                  name: "RHSA-2017:0086",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0086.html",
               },
               {
                  name: "RHSA-2017:0113",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0113.html",
               },
               {
                  name: "RHSA-2017:0091",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0091.html",
               },
               {
                  name: "94479",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/94479",
               },
               {
                  name: "SUSE-SU-2016:3247",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00087.html",
               },
               {
                  name: "[oss-security] 20161122 CVE Request: Linux: net/sctp: slab-out-of-bounds in sctp_sf_ootb",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/11/22/18",
               },
               {
                  name: "SUSE-SU-2016:3183",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00070.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1397930",
               },
               {
                  name: "SUSE-SU-2016:3116",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00055.html",
               },
               {
                  name: "SUSE-SU-2016:3113",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00054.html",
               },
               {
                  name: "RHSA-2017:0307",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0307.html",
               },
               {
                  name: "SUSE-SU-2016:3205",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00076.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-11-15T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "SUSE-SU-2016:3096",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00044.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bto.bluecoat.com/security-advisory/sa134",
            },
            {
               name: "SUSE-SU-2016:3206",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00077.html",
            },
            {
               name: "SUSE-SU-2016:3169",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00067.html",
            },
            {
               name: "1037339",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1037339",
            },
            {
               name: "SUSE-SU-2016:3117",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00056.html",
            },
            {
               name: "SUSE-SU-2016:3197",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00073.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/bf911e985d6bbaa328c20c3e05f4eb03de11fdd6",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.8",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bf911e985d6bbaa328c20c3e05f4eb03de11fdd6",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://groups.google.com/forum/#%21topic/syzkaller/pAUcHsUJbjk",
            },
            {
               name: "RHSA-2017:0086",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0086.html",
            },
            {
               name: "RHSA-2017:0113",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0113.html",
            },
            {
               name: "RHSA-2017:0091",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0091.html",
            },
            {
               name: "94479",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/94479",
            },
            {
               name: "SUSE-SU-2016:3247",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00087.html",
            },
            {
               name: "[oss-security] 20161122 CVE Request: Linux: net/sctp: slab-out-of-bounds in sctp_sf_ootb",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/11/22/18",
            },
            {
               name: "SUSE-SU-2016:3183",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00070.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1397930",
            },
            {
               name: "SUSE-SU-2016:3116",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00055.html",
            },
            {
               name: "SUSE-SU-2016:3113",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00054.html",
            },
            {
               name: "RHSA-2017:0307",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0307.html",
            },
            {
               name: "SUSE-SU-2016:3205",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00076.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2016-9555",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "SUSE-SU-2016:3096",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00044.html",
                  },
                  {
                     name: "https://bto.bluecoat.com/security-advisory/sa134",
                     refsource: "CONFIRM",
                     url: "https://bto.bluecoat.com/security-advisory/sa134",
                  },
                  {
                     name: "SUSE-SU-2016:3206",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00077.html",
                  },
                  {
                     name: "SUSE-SU-2016:3169",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00067.html",
                  },
                  {
                     name: "1037339",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1037339",
                  },
                  {
                     name: "SUSE-SU-2016:3117",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00056.html",
                  },
                  {
                     name: "SUSE-SU-2016:3197",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00073.html",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/bf911e985d6bbaa328c20c3e05f4eb03de11fdd6",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/bf911e985d6bbaa328c20c3e05f4eb03de11fdd6",
                  },
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.8",
                     refsource: "CONFIRM",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.8",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bf911e985d6bbaa328c20c3e05f4eb03de11fdd6",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bf911e985d6bbaa328c20c3e05f4eb03de11fdd6",
                  },
                  {
                     name: "https://groups.google.com/forum/#!topic/syzkaller/pAUcHsUJbjk",
                     refsource: "CONFIRM",
                     url: "https://groups.google.com/forum/#!topic/syzkaller/pAUcHsUJbjk",
                  },
                  {
                     name: "RHSA-2017:0086",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0086.html",
                  },
                  {
                     name: "RHSA-2017:0113",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0113.html",
                  },
                  {
                     name: "RHSA-2017:0091",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0091.html",
                  },
                  {
                     name: "94479",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/94479",
                  },
                  {
                     name: "SUSE-SU-2016:3247",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00087.html",
                  },
                  {
                     name: "[oss-security] 20161122 CVE Request: Linux: net/sctp: slab-out-of-bounds in sctp_sf_ootb",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2016/11/22/18",
                  },
                  {
                     name: "SUSE-SU-2016:3183",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00070.html",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1397930",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1397930",
                  },
                  {
                     name: "SUSE-SU-2016:3116",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00055.html",
                  },
                  {
                     name: "SUSE-SU-2016:3113",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00054.html",
                  },
                  {
                     name: "RHSA-2017:0307",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0307.html",
                  },
                  {
                     name: "SUSE-SU-2016:3205",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00076.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2016-9555",
      datePublished: "2016-11-28T03:01:00",
      dateReserved: "2016-11-22T00:00:00",
      dateUpdated: "2024-08-06T02:50:38.588Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-4997

Vulnerability from cvelistv5

Published

2016-07-03 21:00

Modified

2024-08-06 00:46

Severity ?

Summary

The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement.

References

▼	URL	Tags
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00053.html	vendor-advisory, x_refsource_SUSE
	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00060.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3017-1	vendor-advisory, x_refsource_UBUNTU
	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3017-3	vendor-advisory, x_refsource_UBUNTU
	http://rhn.redhat.com/errata/RHSA-2016-1847.html	vendor-advisory, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=1349722	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3018-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00048.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3017-2	vendor-advisory, x_refsource_UBUNTU
	http://rhn.redhat.com/errata/RHSA-2016-1875.html	vendor-advisory, x_refsource_REDHAT
	http://www.ubuntu.com/usn/USN-3019-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html	vendor-advisory, x_refsource_SUSE
	http://www.debian.org/security/2016/dsa-3607	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-3016-2	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3016-1	vendor-advisory, x_refsource_UBUNTU
	http://www.openwall.com/lists/oss-security/2016/06/24/5	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00054.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00051.html	vendor-advisory, x_refsource_SUSE
	https://www.exploit-db.com/exploits/40435/	exploit, x_refsource_EXPLOIT-DB
	https://github.com/torvalds/linux/commit/ce683e5f9d045e5d67d1312a42b359cb2ab2a13c	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3018-1	vendor-advisory, x_refsource_UBUNTU
	http://www.securitytracker.com/id/1036171	vdb-entry, x_refsource_SECTRACK
	https://www.exploit-db.com/exploits/40489/	exploit, x_refsource_EXPLOIT-DB
	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00050.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2016-1883.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3016-3	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00061.html	vendor-advisory, x_refsource_SUSE
	http://www.openwall.com/lists/oss-security/2016/09/29/10	mailing-list, x_refsource_MLIST
	http://www.ubuntu.com/usn/USN-3016-4	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/91451	vdb-entry, x_refsource_BID
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.3	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce683e5f9d045e5d67d1312a42b359cb2ab2a13c	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3020-1	vendor-advisory, x_refsource_UBUNTU
	https://github.com/nccgroup/TriforceLinuxSyscallFuzzer/tree/master/crash_reports/report_compatIpt	x_refsource_MISC
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T00:46:40.226Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "SUSE-SU-2016:2180",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00053.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
               },
               {
                  name: "SUSE-SU-2016:1709",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00060.html",
               },
               {
                  name: "USN-3017-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3017-1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html",
               },
               {
                  name: "SUSE-SU-2016:1985",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
               },
               {
                  name: "USN-3017-3",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3017-3",
               },
               {
                  name: "RHSA-2016:1847",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-1847.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1349722",
               },
               {
                  name: "openSUSE-SU-2016:2184",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
               },
               {
                  name: "USN-3018-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3018-2",
               },
               {
                  name: "SUSE-SU-2016:2174",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00048.html",
               },
               {
                  name: "USN-3017-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3017-2",
               },
               {
                  name: "RHSA-2016:1875",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-1875.html",
               },
               {
                  name: "USN-3019-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3019-1",
               },
               {
                  name: "SUSE-SU-2016:2018",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html",
               },
               {
                  name: "DSA-3607",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2016/dsa-3607",
               },
               {
                  name: "USN-3016-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3016-2",
               },
               {
                  name: "USN-3016-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3016-1",
               },
               {
                  name: "[oss-security] 20160624 Linux CVE-2016-4997 (local privilege escalation) and CVE-2016-4998 (out of bounds memory access)",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/06/24/5",
               },
               {
                  name: "SUSE-SU-2016:2181",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00054.html",
               },
               {
                  name: "SUSE-SU-2016:2178",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00051.html",
               },
               {
                  name: "40435",
                  tags: [
                     "exploit",
                     "x_refsource_EXPLOIT-DB",
                     "x_transferred",
                  ],
                  url: "https://www.exploit-db.com/exploits/40435/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/ce683e5f9d045e5d67d1312a42b359cb2ab2a13c",
               },
               {
                  name: "USN-3018-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3018-1",
               },
               {
                  name: "1036171",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1036171",
               },
               {
                  name: "40489",
                  tags: [
                     "exploit",
                     "x_refsource_EXPLOIT-DB",
                     "x_transferred",
                  ],
                  url: "https://www.exploit-db.com/exploits/40489/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html",
               },
               {
                  name: "SUSE-SU-2016:2177",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00050.html",
               },
               {
                  name: "RHSA-2016:1883",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-1883.html",
               },
               {
                  name: "SUSE-SU-2016:2179",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00052.html",
               },
               {
                  name: "SUSE-SU-2016:2105",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
               },
               {
                  name: "USN-3016-3",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3016-3",
               },
               {
                  name: "SUSE-SU-2016:1710",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00061.html",
               },
               {
                  name: "[oss-security] 20160929 CVE request - Linux kernel through 4.6.2 allows escalade privileges via IP6T_SO_SET_REPLACE compat setsockopt call",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/09/29/10",
               },
               {
                  name: "USN-3016-4",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3016-4",
               },
               {
                  name: "91451",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/91451",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.3",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce683e5f9d045e5d67d1312a42b359cb2ab2a13c",
               },
               {
                  name: "USN-3020-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3020-1",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/nccgroup/TriforceLinuxSyscallFuzzer/tree/master/crash_reports/report_compatIpt",
               },
               {
                  name: "SUSE-SU-2016:1937",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-06-24T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "SUSE-SU-2016:2180",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00053.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
            },
            {
               name: "SUSE-SU-2016:1709",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00060.html",
            },
            {
               name: "USN-3017-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3017-1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html",
            },
            {
               name: "SUSE-SU-2016:1985",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
            },
            {
               name: "USN-3017-3",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3017-3",
            },
            {
               name: "RHSA-2016:1847",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-1847.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1349722",
            },
            {
               name: "openSUSE-SU-2016:2184",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
            },
            {
               name: "USN-3018-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3018-2",
            },
            {
               name: "SUSE-SU-2016:2174",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00048.html",
            },
            {
               name: "USN-3017-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3017-2",
            },
            {
               name: "RHSA-2016:1875",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-1875.html",
            },
            {
               name: "USN-3019-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3019-1",
            },
            {
               name: "SUSE-SU-2016:2018",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html",
            },
            {
               name: "DSA-3607",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2016/dsa-3607",
            },
            {
               name: "USN-3016-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3016-2",
            },
            {
               name: "USN-3016-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3016-1",
            },
            {
               name: "[oss-security] 20160624 Linux CVE-2016-4997 (local privilege escalation) and CVE-2016-4998 (out of bounds memory access)",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/06/24/5",
            },
            {
               name: "SUSE-SU-2016:2181",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00054.html",
            },
            {
               name: "SUSE-SU-2016:2178",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00051.html",
            },
            {
               name: "40435",
               tags: [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
               ],
               url: "https://www.exploit-db.com/exploits/40435/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/ce683e5f9d045e5d67d1312a42b359cb2ab2a13c",
            },
            {
               name: "USN-3018-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3018-1",
            },
            {
               name: "1036171",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1036171",
            },
            {
               name: "40489",
               tags: [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
               ],
               url: "https://www.exploit-db.com/exploits/40489/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html",
            },
            {
               name: "SUSE-SU-2016:2177",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00050.html",
            },
            {
               name: "RHSA-2016:1883",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-1883.html",
            },
            {
               name: "SUSE-SU-2016:2179",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00052.html",
            },
            {
               name: "SUSE-SU-2016:2105",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
            },
            {
               name: "USN-3016-3",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3016-3",
            },
            {
               name: "SUSE-SU-2016:1710",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00061.html",
            },
            {
               name: "[oss-security] 20160929 CVE request - Linux kernel through 4.6.2 allows escalade privileges via IP6T_SO_SET_REPLACE compat setsockopt call",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/09/29/10",
            },
            {
               name: "USN-3016-4",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3016-4",
            },
            {
               name: "91451",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/91451",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.3",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce683e5f9d045e5d67d1312a42b359cb2ab2a13c",
            },
            {
               name: "USN-3020-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3020-1",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/nccgroup/TriforceLinuxSyscallFuzzer/tree/master/crash_reports/report_compatIpt",
            },
            {
               name: "SUSE-SU-2016:1937",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2016-4997",
      datePublished: "2016-07-03T21:00:00",
      dateReserved: "2016-05-24T00:00:00",
      dateUpdated: "2024-08-06T00:46:40.226Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-8632

Vulnerability from cvelistv5

Published

2016-11-28 03:01

Modified

2024-08-06 02:27

Severity ?

Summary

The tipc_msg_build function in net/tipc/msg.c in the Linux kernel through 4.8.11 does not validate the relationship between the minimum fragment length and the maximum packet size, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability.

References

▼	URL	Tags
	http://www.openwall.com/lists/oss-security/2016/11/08/5	mailing-list, x_refsource_MLIST
	https://bugzilla.redhat.com/show_bug.cgi?id=1390832	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/94211	vdb-entry, x_refsource_BID
	https://www.mail-archive.com/netdev%40vger.kernel.org/msg133205.html	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T02:27:41.113Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "[oss-security] 20161108 CVE-2016-8632 -- Linux kernel: tipc_msg_build() doesn't validate MTU that can trigger heap overflow",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/11/08/5",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1390832",
               },
               {
                  name: "94211",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/94211",
               },
               {
                  name: "[netdev] 20161018 [PATCH net] tipc: Guard against tiny MTU in tipc_msg_build()",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://www.mail-archive.com/netdev%40vger.kernel.org/msg133205.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-11-08T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The tipc_msg_build function in net/tipc/msg.c in the Linux kernel through 4.8.11 does not validate the relationship between the minimum fragment length and the maximum packet size, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2016-11-28T10:57:02",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "[oss-security] 20161108 CVE-2016-8632 -- Linux kernel: tipc_msg_build() doesn't validate MTU that can trigger heap overflow",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/11/08/5",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1390832",
            },
            {
               name: "94211",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/94211",
            },
            {
               name: "[netdev] 20161018 [PATCH net] tipc: Guard against tiny MTU in tipc_msg_build()",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://www.mail-archive.com/netdev%40vger.kernel.org/msg133205.html",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2016-8632",
      datePublished: "2016-11-28T03:01:00",
      dateReserved: "2016-10-12T00:00:00",
      dateUpdated: "2024-08-06T02:27:41.113Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2015-8956

Vulnerability from cvelistv5

Published

2016-10-10 10:00

Modified

2024-08-06 08:36

Severity ?

Summary

The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket.

References

▼	URL	Tags
	http://source.android.com/security/bulletin/2016-10-01.html	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2016-2584.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2016-2574.html	vendor-advisory, x_refsource_REDHAT
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=951b6a0717db97ce420547222647bcc40bf1eacd	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/93326	vdb-entry, x_refsource_BID
	https://github.com/torvalds/linux/commit/951b6a0717db97ce420547222647bcc40bf1eacd	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T08:36:31.038Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://source.android.com/security/bulletin/2016-10-01.html",
               },
               {
                  name: "RHSA-2016:2584",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2584.html",
               },
               {
                  name: "RHSA-2016:2574",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2574.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=951b6a0717db97ce420547222647bcc40bf1eacd",
               },
               {
                  name: "93326",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/93326",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/951b6a0717db97ce420547222647bcc40bf1eacd",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2015-05-06T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
            shortName: "google_android",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://source.android.com/security/bulletin/2016-10-01.html",
            },
            {
               name: "RHSA-2016:2584",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2584.html",
            },
            {
               name: "RHSA-2016:2574",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2574.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=951b6a0717db97ce420547222647bcc40bf1eacd",
            },
            {
               name: "93326",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/93326",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/951b6a0717db97ce420547222647bcc40bf1eacd",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@android.com",
               ID: "CVE-2015-8956",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://source.android.com/security/bulletin/2016-10-01.html",
                     refsource: "CONFIRM",
                     url: "http://source.android.com/security/bulletin/2016-10-01.html",
                  },
                  {
                     name: "RHSA-2016:2584",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2016-2584.html",
                  },
                  {
                     name: "RHSA-2016:2574",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2016-2574.html",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=951b6a0717db97ce420547222647bcc40bf1eacd",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=951b6a0717db97ce420547222647bcc40bf1eacd",
                  },
                  {
                     name: "93326",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/93326",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/951b6a0717db97ce420547222647bcc40bf1eacd",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/951b6a0717db97ce420547222647bcc40bf1eacd",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
      assignerShortName: "google_android",
      cveId: "CVE-2015-8956",
      datePublished: "2016-10-10T10:00:00",
      dateReserved: "2016-08-30T00:00:00",
      dateUpdated: "2024-08-06T08:36:31.038Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-7910

Vulnerability from cvelistv5

Published

2016-11-16 04:49

Modified

2024-08-06 02:13

Severity ?

Summary

Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed.

References

▼	URL	Tags
	https://github.com/torvalds/linux/commit/77da160530dd1dc94f6ae15a981f24e5f0021e84	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:1308	vendor-advisory, x_refsource_REDHAT
	http://source.android.com/security/bulletin/2016-11-01.html	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:0892	vendor-advisory, x_refsource_REDHAT
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.1	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=77da160530dd1dc94f6ae15a981f24e5f0021e84	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:1298	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/94135	vdb-entry, x_refsource_BID
	https://access.redhat.com/errata/RHSA-2017:1297	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T02:13:20.882Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/77da160530dd1dc94f6ae15a981f24e5f0021e84",
               },
               {
                  name: "RHSA-2017:1308",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1308",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://source.android.com/security/bulletin/2016-11-01.html",
               },
               {
                  name: "RHSA-2017:0892",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:0892",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=77da160530dd1dc94f6ae15a981f24e5f0021e84",
               },
               {
                  name: "RHSA-2017:1298",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1298",
               },
               {
                  name: "94135",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/94135",
               },
               {
                  name: "RHSA-2017:1297",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1297",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-04-27T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
            shortName: "google_android",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/77da160530dd1dc94f6ae15a981f24e5f0021e84",
            },
            {
               name: "RHSA-2017:1308",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1308",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://source.android.com/security/bulletin/2016-11-01.html",
            },
            {
               name: "RHSA-2017:0892",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:0892",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=77da160530dd1dc94f6ae15a981f24e5f0021e84",
            },
            {
               name: "RHSA-2017:1298",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1298",
            },
            {
               name: "94135",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/94135",
            },
            {
               name: "RHSA-2017:1297",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1297",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@android.com",
               ID: "CVE-2016-7910",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/torvalds/linux/commit/77da160530dd1dc94f6ae15a981f24e5f0021e84",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/77da160530dd1dc94f6ae15a981f24e5f0021e84",
                  },
                  {
                     name: "RHSA-2017:1308",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1308",
                  },
                  {
                     name: "http://source.android.com/security/bulletin/2016-11-01.html",
                     refsource: "CONFIRM",
                     url: "http://source.android.com/security/bulletin/2016-11-01.html",
                  },
                  {
                     name: "RHSA-2017:0892",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:0892",
                  },
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.1",
                     refsource: "CONFIRM",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.1",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=77da160530dd1dc94f6ae15a981f24e5f0021e84",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=77da160530dd1dc94f6ae15a981f24e5f0021e84",
                  },
                  {
                     name: "RHSA-2017:1298",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1298",
                  },
                  {
                     name: "94135",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/94135",
                  },
                  {
                     name: "RHSA-2017:1297",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1297",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
      assignerShortName: "google_android",
      cveId: "CVE-2016-7910",
      datePublished: "2016-11-16T04:49:00",
      dateReserved: "2016-09-09T00:00:00",
      dateUpdated: "2024-08-06T02:13:20.882Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-5551

Vulnerability from cvelistv5

Published

2017-02-06 06:04

Modified

2024-08-05 15:04

Severity ?

Summary

The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-7097.

References

▼	URL	Tags
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=497de07d89c1410d76a15bec2bb41f24a2a89f31	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2017/01/21/3	mailing-list, x_refsource_MLIST
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.6	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/95717	vdb-entry, x_refsource_BID
	https://bugzilla.redhat.com/show_bug.cgi?id=1416126	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/497de07d89c1410d76a15bec2bb41f24a2a89f31	x_refsource_CONFIRM
	http://www.debian.org/security/2017/dsa-3791	vendor-advisory, x_refsource_DEBIAN
	http://www.securitytracker.com/id/1038053	vdb-entry, x_refsource_SECTRACK

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T15:04:15.335Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=497de07d89c1410d76a15bec2bb41f24a2a89f31",
               },
               {
                  name: "[oss-security] 20170120 Re: CVE REQUEST: linux kernel: process with pgid zero able to crash kernel",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2017/01/21/3",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.6",
               },
               {
                  name: "95717",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/95717",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1416126",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/497de07d89c1410d76a15bec2bb41f24a2a89f31",
               },
               {
                  name: "DSA-3791",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3791",
               },
               {
                  name: "1038053",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1038053",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-01-20T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-7097.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-11-03T18:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=497de07d89c1410d76a15bec2bb41f24a2a89f31",
            },
            {
               name: "[oss-security] 20170120 Re: CVE REQUEST: linux kernel: process with pgid zero able to crash kernel",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2017/01/21/3",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.6",
            },
            {
               name: "95717",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/95717",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1416126",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/497de07d89c1410d76a15bec2bb41f24a2a89f31",
            },
            {
               name: "DSA-3791",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3791",
            },
            {
               name: "1038053",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1038053",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-5551",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-7097.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=497de07d89c1410d76a15bec2bb41f24a2a89f31",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=497de07d89c1410d76a15bec2bb41f24a2a89f31",
                  },
                  {
                     name: "[oss-security] 20170120 Re: CVE REQUEST: linux kernel: process with pgid zero able to crash kernel",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2017/01/21/3",
                  },
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.6",
                     refsource: "CONFIRM",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.6",
                  },
                  {
                     name: "95717",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/95717",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1416126",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1416126",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/497de07d89c1410d76a15bec2bb41f24a2a89f31",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/497de07d89c1410d76a15bec2bb41f24a2a89f31",
                  },
                  {
                     name: "DSA-3791",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3791",
                  },
                  {
                     name: "1038053",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1038053",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-5551",
      datePublished: "2017-02-06T06:04:00",
      dateReserved: "2017-01-20T00:00:00",
      dateUpdated: "2024-08-05T15:04:15.335Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-7425

Vulnerability from cvelistv5

Published

2016-10-16 21:00

Modified

2024-08-06 01:57

Severity ?

Summary

The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code.

References

▼	URL	Tags
	http://www.ubuntu.com/usn/USN-3146-2	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1377330	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3144-2	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3146-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3145-1	vendor-advisory, x_refsource_UBUNTU
	http://www.openwall.com/lists/oss-security/2016/09/17/2	mailing-list, x_refsource_MLIST
	http://marc.info/?l=linux-scsi&m=147394796228991&w=2	mailing-list, x_refsource_MLIST
	http://www.ubuntu.com/usn/USN-3144-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3147-1	vendor-advisory, x_refsource_UBUNTU
	http://marc.info/?l=linux-scsi&m=147394713328707&w=2	mailing-list, x_refsource_MLIST
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7bc2b55a5c030685b399bb65b6baa9ccc3d1f167	x_refsource_CONFIRM
	https://security-tracker.debian.org/tracker/CVE-2016-7425	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/7bc2b55a5c030685b399bb65b6baa9ccc3d1f167	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3145-2	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/93037	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T01:57:47.611Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "USN-3146-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3146-2",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1377330",
               },
               {
                  name: "USN-3144-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3144-2",
               },
               {
                  name: "USN-3146-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3146-1",
               },
               {
                  name: "USN-3145-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3145-1",
               },
               {
                  name: "[oss-security] 20160916 Re: linux kernel SCSI arcmsr driver: buffer overflow in arcmsr_iop_message_xfer()",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/09/17/2",
               },
               {
                  name: "[linux-kernel] 20160915 Re: [patch v2] arcmsr: buffer overflow in arcmsr_iop_message_xfer()",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=linux-scsi&m=147394796228991&w=2",
               },
               {
                  name: "USN-3144-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3144-1",
               },
               {
                  name: "USN-3147-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3147-1",
               },
               {
                  name: "[linux-kernel] 20160915 [patch v2] arcmsr: buffer overflow in arcmsr_iop_message_xfer()",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=linux-scsi&m=147394713328707&w=2",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7bc2b55a5c030685b399bb65b6baa9ccc3d1f167",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security-tracker.debian.org/tracker/CVE-2016-7425",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/7bc2b55a5c030685b399bb65b6baa9ccc3d1f167",
               },
               {
                  name: "USN-3145-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3145-2",
               },
               {
                  name: "93037",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/93037",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-09-15T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-01-04T21:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "USN-3146-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3146-2",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1377330",
            },
            {
               name: "USN-3144-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3144-2",
            },
            {
               name: "USN-3146-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3146-1",
            },
            {
               name: "USN-3145-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3145-1",
            },
            {
               name: "[oss-security] 20160916 Re: linux kernel SCSI arcmsr driver: buffer overflow in arcmsr_iop_message_xfer()",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/09/17/2",
            },
            {
               name: "[linux-kernel] 20160915 Re: [patch v2] arcmsr: buffer overflow in arcmsr_iop_message_xfer()",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://marc.info/?l=linux-scsi&m=147394796228991&w=2",
            },
            {
               name: "USN-3144-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3144-1",
            },
            {
               name: "USN-3147-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3147-1",
            },
            {
               name: "[linux-kernel] 20160915 [patch v2] arcmsr: buffer overflow in arcmsr_iop_message_xfer()",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://marc.info/?l=linux-scsi&m=147394713328707&w=2",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7bc2b55a5c030685b399bb65b6baa9ccc3d1f167",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security-tracker.debian.org/tracker/CVE-2016-7425",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/7bc2b55a5c030685b399bb65b6baa9ccc3d1f167",
            },
            {
               name: "USN-3145-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3145-2",
            },
            {
               name: "93037",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/93037",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2016-7425",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The arcmsr_iop_message_xfer function in drivers/scsi/arcmsr/arcmsr_hba.c in the Linux kernel through 4.8.2 does not restrict a certain length field, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) via an ARCMSR_MESSAGE_WRITE_WQBUFFER control code.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "USN-3146-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3146-2",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1377330",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1377330",
                  },
                  {
                     name: "USN-3144-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3144-2",
                  },
                  {
                     name: "USN-3146-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3146-1",
                  },
                  {
                     name: "USN-3145-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3145-1",
                  },
                  {
                     name: "[oss-security] 20160916 Re: linux kernel SCSI arcmsr driver: buffer overflow in arcmsr_iop_message_xfer()",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2016/09/17/2",
                  },
                  {
                     name: "[linux-kernel] 20160915 Re: [patch v2] arcmsr: buffer overflow in arcmsr_iop_message_xfer()",
                     refsource: "MLIST",
                     url: "http://marc.info/?l=linux-scsi&m=147394796228991&w=2",
                  },
                  {
                     name: "USN-3144-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3144-1",
                  },
                  {
                     name: "USN-3147-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3147-1",
                  },
                  {
                     name: "[linux-kernel] 20160915 [patch v2] arcmsr: buffer overflow in arcmsr_iop_message_xfer()",
                     refsource: "MLIST",
                     url: "http://marc.info/?l=linux-scsi&m=147394713328707&w=2",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7bc2b55a5c030685b399bb65b6baa9ccc3d1f167",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7bc2b55a5c030685b399bb65b6baa9ccc3d1f167",
                  },
                  {
                     name: "https://security-tracker.debian.org/tracker/CVE-2016-7425",
                     refsource: "CONFIRM",
                     url: "https://security-tracker.debian.org/tracker/CVE-2016-7425",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/7bc2b55a5c030685b399bb65b6baa9ccc3d1f167",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/7bc2b55a5c030685b399bb65b6baa9ccc3d1f167",
                  },
                  {
                     name: "USN-3145-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3145-2",
                  },
                  {
                     name: "93037",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/93037",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2016-7425",
      datePublished: "2016-10-16T21:00:00",
      dateReserved: "2016-09-09T00:00:00",
      dateUpdated: "2024-08-06T01:57:47.611Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-4565

Vulnerability from cvelistv5

Published

2016-05-23 10:00

Modified

2024-08-06 00:32

Severity ?

Summary

The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.

References

▼	URL	Tags
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3006-1	vendor-advisory, x_refsource_UBUNTU
	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3004-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3001-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2016-1640.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2016-1657.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html	vendor-advisory, x_refsource_SUSE
	http://www.securityfocus.com/bid/90301	vdb-entry, x_refsource_BID
	https://access.redhat.com/errata/RHSA-2016:1406	vendor-advisory, x_refsource_REDHAT
	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2016:1341	vendor-advisory, x_refsource_REDHAT
	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3005-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html	vendor-advisory, x_refsource_SUSE
	https://access.redhat.com/errata/RHSA-2016:1301	vendor-advisory, x_refsource_REDHAT
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2016-1814.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html	vendor-advisory, x_refsource_SUSE
	https://github.com/torvalds/linux/commit/e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3018-2	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3021-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2016-1489.html	vendor-advisory, x_refsource_REDHAT
	http://www.ubuntu.com/usn/USN-3019-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.3	x_refsource_CONFIRM
	http://www.debian.org/security/2016/dsa-3607	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-3002-1	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1310570	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3021-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3018-1	vendor-advisory, x_refsource_UBUNTU
	http://rhn.redhat.com/errata/RHSA-2016-1617.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3007-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3003-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2016-1581.html	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2016:1277	vendor-advisory, x_refsource_REDHAT
	http://www.openwall.com/lists/oss-security/2016/05/07/1	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T00:32:25.910Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "SUSE-SU-2016:1690",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html",
               },
               {
                  name: "USN-3006-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3006-1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
               },
               {
                  name: "USN-3004-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3004-1",
               },
               {
                  name: "SUSE-SU-2016:2010",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html",
               },
               {
                  name: "SUSE-SU-2016:2011",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html",
               },
               {
                  name: "USN-3001-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3001-1",
               },
               {
                  name: "SUSE-SU-2016:2003",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html",
               },
               {
                  name: "RHSA-2016:1640",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-1640.html",
               },
               {
                  name: "RHSA-2016:1657",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-1657.html",
               },
               {
                  name: "SUSE-SU-2016:1994",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html",
               },
               {
                  name: "90301",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/90301",
               },
               {
                  name: "RHSA-2016:1406",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2016:1406",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
               },
               {
                  name: "RHSA-2016:1341",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2016:1341",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
               },
               {
                  name: "SUSE-SU-2016:1961",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html",
               },
               {
                  name: "USN-3005-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3005-1",
               },
               {
                  name: "SUSE-SU-2016:2001",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html",
               },
               {
                  name: "SUSE-SU-2016:1985",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
               },
               {
                  name: "RHSA-2016:1301",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2016:1301",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3",
               },
               {
                  name: "RHSA-2016:1814",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-1814.html",
               },
               {
                  name: "openSUSE-SU-2016:2184",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3",
               },
               {
                  name: "USN-3018-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3018-2",
               },
               {
                  name: "USN-3021-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3021-2",
               },
               {
                  name: "SUSE-SU-2016:2006",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html",
               },
               {
                  name: "SUSE-SU-2016:2014",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html",
               },
               {
                  name: "RHSA-2016:1489",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-1489.html",
               },
               {
                  name: "USN-3019-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3019-1",
               },
               {
                  name: "openSUSE-SU-2016:1641",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.3",
               },
               {
                  name: "DSA-3607",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2016/dsa-3607",
               },
               {
                  name: "USN-3002-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3002-1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1310570",
               },
               {
                  name: "SUSE-SU-2016:1672",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
               },
               {
                  name: "SUSE-SU-2016:2009",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html",
               },
               {
                  name: "USN-3021-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3021-1",
               },
               {
                  name: "USN-3018-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3018-1",
               },
               {
                  name: "RHSA-2016:1617",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-1617.html",
               },
               {
                  name: "SUSE-SU-2016:2005",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html",
               },
               {
                  name: "SUSE-SU-2016:2007",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html",
               },
               {
                  name: "USN-3007-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3007-1",
               },
               {
                  name: "SUSE-SU-2016:2000",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html",
               },
               {
                  name: "USN-3003-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3003-1",
               },
               {
                  name: "SUSE-SU-2016:1995",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html",
               },
               {
                  name: "SUSE-SU-2016:2105",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
               },
               {
                  name: "SUSE-SU-2016:2002",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html",
               },
               {
                  name: "RHSA-2016:1581",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-1581.html",
               },
               {
                  name: "RHSA-2016:1277",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2016:1277",
               },
               {
                  name: "[oss-security] 20160507 CVE Request: Linux: IB/security: Restrict use of the write() interface'",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/05/07/1",
               },
               {
                  name: "SUSE-SU-2016:1937",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-05-04T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "79363d38-fa19-49d1-9214-5f28da3f3ac5",
            shortName: "debian",
         },
         references: [
            {
               name: "SUSE-SU-2016:1690",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html",
            },
            {
               name: "USN-3006-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3006-1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
            },
            {
               name: "USN-3004-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3004-1",
            },
            {
               name: "SUSE-SU-2016:2010",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html",
            },
            {
               name: "SUSE-SU-2016:2011",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html",
            },
            {
               name: "USN-3001-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3001-1",
            },
            {
               name: "SUSE-SU-2016:2003",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html",
            },
            {
               name: "RHSA-2016:1640",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-1640.html",
            },
            {
               name: "RHSA-2016:1657",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-1657.html",
            },
            {
               name: "SUSE-SU-2016:1994",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html",
            },
            {
               name: "90301",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/90301",
            },
            {
               name: "RHSA-2016:1406",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2016:1406",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
            },
            {
               name: "RHSA-2016:1341",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2016:1341",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
            },
            {
               name: "SUSE-SU-2016:1961",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html",
            },
            {
               name: "USN-3005-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3005-1",
            },
            {
               name: "SUSE-SU-2016:2001",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html",
            },
            {
               name: "SUSE-SU-2016:1985",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
            },
            {
               name: "RHSA-2016:1301",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2016:1301",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3",
            },
            {
               name: "RHSA-2016:1814",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-1814.html",
            },
            {
               name: "openSUSE-SU-2016:2184",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3",
            },
            {
               name: "USN-3018-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3018-2",
            },
            {
               name: "USN-3021-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3021-2",
            },
            {
               name: "SUSE-SU-2016:2006",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html",
            },
            {
               name: "SUSE-SU-2016:2014",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html",
            },
            {
               name: "RHSA-2016:1489",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-1489.html",
            },
            {
               name: "USN-3019-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3019-1",
            },
            {
               name: "openSUSE-SU-2016:1641",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.3",
            },
            {
               name: "DSA-3607",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2016/dsa-3607",
            },
            {
               name: "USN-3002-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3002-1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1310570",
            },
            {
               name: "SUSE-SU-2016:1672",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
            },
            {
               name: "SUSE-SU-2016:2009",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html",
            },
            {
               name: "USN-3021-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3021-1",
            },
            {
               name: "USN-3018-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3018-1",
            },
            {
               name: "RHSA-2016:1617",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-1617.html",
            },
            {
               name: "SUSE-SU-2016:2005",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html",
            },
            {
               name: "SUSE-SU-2016:2007",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html",
            },
            {
               name: "USN-3007-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3007-1",
            },
            {
               name: "SUSE-SU-2016:2000",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html",
            },
            {
               name: "USN-3003-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3003-1",
            },
            {
               name: "SUSE-SU-2016:1995",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html",
            },
            {
               name: "SUSE-SU-2016:2105",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
            },
            {
               name: "SUSE-SU-2016:2002",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html",
            },
            {
               name: "RHSA-2016:1581",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-1581.html",
            },
            {
               name: "RHSA-2016:1277",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2016:1277",
            },
            {
               name: "[oss-security] 20160507 CVE Request: Linux: IB/security: Restrict use of the write() interface'",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/05/07/1",
            },
            {
               name: "SUSE-SU-2016:1937",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@debian.org",
               ID: "CVE-2016-4565",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "SUSE-SU-2016:1690",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html",
                  },
                  {
                     name: "USN-3006-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3006-1",
                  },
                  {
                     name: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
                     refsource: "CONFIRM",
                     url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
                  },
                  {
                     name: "USN-3004-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3004-1",
                  },
                  {
                     name: "SUSE-SU-2016:2010",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html",
                  },
                  {
                     name: "SUSE-SU-2016:2011",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html",
                  },
                  {
                     name: "USN-3001-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3001-1",
                  },
                  {
                     name: "SUSE-SU-2016:2003",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html",
                  },
                  {
                     name: "RHSA-2016:1640",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2016-1640.html",
                  },
                  {
                     name: "RHSA-2016:1657",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2016-1657.html",
                  },
                  {
                     name: "SUSE-SU-2016:1994",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html",
                  },
                  {
                     name: "90301",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/90301",
                  },
                  {
                     name: "RHSA-2016:1406",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2016:1406",
                  },
                  {
                     name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
                     refsource: "CONFIRM",
                     url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
                  },
                  {
                     name: "RHSA-2016:1341",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2016:1341",
                  },
                  {
                     name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
                     refsource: "CONFIRM",
                     url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
                  },
                  {
                     name: "SUSE-SU-2016:1961",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html",
                  },
                  {
                     name: "USN-3005-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3005-1",
                  },
                  {
                     name: "SUSE-SU-2016:2001",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html",
                  },
                  {
                     name: "SUSE-SU-2016:1985",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
                  },
                  {
                     name: "RHSA-2016:1301",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2016:1301",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3",
                  },
                  {
                     name: "RHSA-2016:1814",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2016-1814.html",
                  },
                  {
                     name: "openSUSE-SU-2016:2184",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/e6bd18f57aad1a2d1ef40e646d03ed0f2515c9e3",
                  },
                  {
                     name: "USN-3018-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3018-2",
                  },
                  {
                     name: "USN-3021-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3021-2",
                  },
                  {
                     name: "SUSE-SU-2016:2006",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html",
                  },
                  {
                     name: "SUSE-SU-2016:2014",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html",
                  },
                  {
                     name: "RHSA-2016:1489",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2016-1489.html",
                  },
                  {
                     name: "USN-3019-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3019-1",
                  },
                  {
                     name: "openSUSE-SU-2016:1641",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html",
                  },
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.3",
                     refsource: "CONFIRM",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.3",
                  },
                  {
                     name: "DSA-3607",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2016/dsa-3607",
                  },
                  {
                     name: "USN-3002-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3002-1",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1310570",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1310570",
                  },
                  {
                     name: "SUSE-SU-2016:1672",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
                  },
                  {
                     name: "SUSE-SU-2016:2009",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html",
                  },
                  {
                     name: "USN-3021-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3021-1",
                  },
                  {
                     name: "USN-3018-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3018-1",
                  },
                  {
                     name: "RHSA-2016:1617",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2016-1617.html",
                  },
                  {
                     name: "SUSE-SU-2016:2005",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html",
                  },
                  {
                     name: "SUSE-SU-2016:2007",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html",
                  },
                  {
                     name: "USN-3007-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3007-1",
                  },
                  {
                     name: "SUSE-SU-2016:2000",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html",
                  },
                  {
                     name: "USN-3003-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3003-1",
                  },
                  {
                     name: "SUSE-SU-2016:1995",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html",
                  },
                  {
                     name: "SUSE-SU-2016:2105",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
                  },
                  {
                     name: "SUSE-SU-2016:2002",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html",
                  },
                  {
                     name: "RHSA-2016:1581",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2016-1581.html",
                  },
                  {
                     name: "RHSA-2016:1277",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2016:1277",
                  },
                  {
                     name: "[oss-security] 20160507 CVE Request: Linux: IB/security: Restrict use of the write() interface'",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2016/05/07/1",
                  },
                  {
                     name: "SUSE-SU-2016:1937",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "79363d38-fa19-49d1-9214-5f28da3f3ac5",
      assignerShortName: "debian",
      cveId: "CVE-2016-4565",
      datePublished: "2016-05-23T10:00:00",
      dateReserved: "2016-05-07T00:00:00",
      dateUpdated: "2024-08-06T00:32:25.910Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-4913

Vulnerability from cvelistv5

Published

2016-05-23 10:00

Modified

2024-08-06 00:46

Severity ?

Summary

The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem.

References

▼	URL	Tags
	https://access.redhat.com/errata/RHSA-2018:3083	vendor-advisory, x_refsource_REDHAT
	https://github.com/torvalds/linux/commit/99d825822eade8d827a1817357cbf3f889a552d6	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3017-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3017-3	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3018-2	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3021-2	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1337528	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3017-2	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3019-1	vendor-advisory, x_refsource_UBUNTU
	http://www.debian.org/security/2016/dsa-3607	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-3016-2	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3016-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3021-1	vendor-advisory, x_refsource_UBUNTU
	http://www.openwall.com/lists/oss-security/2016/05/18/5	mailing-list, x_refsource_MLIST
	http://www.ubuntu.com/usn/USN-3018-1	vendor-advisory, x_refsource_UBUNTU
	http://www.openwall.com/lists/oss-security/2016/05/18/3	mailing-list, x_refsource_MLIST
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/90730	vdb-entry, x_refsource_BID
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99d825822eade8d827a1817357cbf3f889a552d6	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3016-3	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3016-4	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2018:3096	vendor-advisory, x_refsource_REDHAT
	http://www.ubuntu.com/usn/USN-3020-1	vendor-advisory, x_refsource_UBUNTU

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T00:46:39.243Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2018:3083",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:3083",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/99d825822eade8d827a1817357cbf3f889a552d6",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
               },
               {
                  name: "USN-3017-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3017-1",
               },
               {
                  name: "SUSE-SU-2016:1985",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
               },
               {
                  name: "USN-3017-3",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3017-3",
               },
               {
                  name: "USN-3018-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3018-2",
               },
               {
                  name: "USN-3021-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3021-2",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1337528",
               },
               {
                  name: "USN-3017-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3017-2",
               },
               {
                  name: "USN-3019-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3019-1",
               },
               {
                  name: "DSA-3607",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2016/dsa-3607",
               },
               {
                  name: "USN-3016-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3016-2",
               },
               {
                  name: "USN-3016-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3016-1",
               },
               {
                  name: "SUSE-SU-2016:1672",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
               },
               {
                  name: "USN-3021-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3021-1",
               },
               {
                  name: "[oss-security] 20160518 Re: CVE Request: Linux: information leak in Rock Ridge Extensions to iso9660 -- fs/isofs/rock.c",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/05/18/5",
               },
               {
                  name: "USN-3018-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3018-1",
               },
               {
                  name: "[oss-security] 20160518 CVE Request: Linux: information leak in Rock Ridge Extensions to iso9660 -- fs/isofs/rock.c",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/05/18/3",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html",
               },
               {
                  name: "90730",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/90730",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99d825822eade8d827a1817357cbf3f889a552d6",
               },
               {
                  name: "USN-3016-3",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3016-3",
               },
               {
                  name: "USN-3016-4",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3016-4",
               },
               {
                  name: "RHSA-2018:3096",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:3096",
               },
               {
                  name: "USN-3020-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3020-1",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-05-18T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \\0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-10-31T09:57:01",
            orgId: "79363d38-fa19-49d1-9214-5f28da3f3ac5",
            shortName: "debian",
         },
         references: [
            {
               name: "RHSA-2018:3083",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:3083",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/99d825822eade8d827a1817357cbf3f889a552d6",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
            },
            {
               name: "USN-3017-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3017-1",
            },
            {
               name: "SUSE-SU-2016:1985",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
            },
            {
               name: "USN-3017-3",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3017-3",
            },
            {
               name: "USN-3018-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3018-2",
            },
            {
               name: "USN-3021-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3021-2",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1337528",
            },
            {
               name: "USN-3017-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3017-2",
            },
            {
               name: "USN-3019-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3019-1",
            },
            {
               name: "DSA-3607",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2016/dsa-3607",
            },
            {
               name: "USN-3016-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3016-2",
            },
            {
               name: "USN-3016-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3016-1",
            },
            {
               name: "SUSE-SU-2016:1672",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
            },
            {
               name: "USN-3021-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3021-1",
            },
            {
               name: "[oss-security] 20160518 Re: CVE Request: Linux: information leak in Rock Ridge Extensions to iso9660 -- fs/isofs/rock.c",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/05/18/5",
            },
            {
               name: "USN-3018-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3018-1",
            },
            {
               name: "[oss-security] 20160518 CVE Request: Linux: information leak in Rock Ridge Extensions to iso9660 -- fs/isofs/rock.c",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/05/18/3",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html",
            },
            {
               name: "90730",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/90730",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99d825822eade8d827a1817357cbf3f889a552d6",
            },
            {
               name: "USN-3016-3",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3016-3",
            },
            {
               name: "USN-3016-4",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3016-4",
            },
            {
               name: "RHSA-2018:3096",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:3096",
            },
            {
               name: "USN-3020-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3020-1",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@debian.org",
               ID: "CVE-2016-4913",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \\0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "RHSA-2018:3083",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:3083",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/99d825822eade8d827a1817357cbf3f889a552d6",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/99d825822eade8d827a1817357cbf3f889a552d6",
                  },
                  {
                     name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
                     refsource: "CONFIRM",
                     url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
                  },
                  {
                     name: "USN-3017-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3017-1",
                  },
                  {
                     name: "SUSE-SU-2016:1985",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
                  },
                  {
                     name: "USN-3017-3",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3017-3",
                  },
                  {
                     name: "USN-3018-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3018-2",
                  },
                  {
                     name: "USN-3021-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3021-2",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1337528",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1337528",
                  },
                  {
                     name: "USN-3017-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3017-2",
                  },
                  {
                     name: "USN-3019-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3019-1",
                  },
                  {
                     name: "DSA-3607",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2016/dsa-3607",
                  },
                  {
                     name: "USN-3016-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3016-2",
                  },
                  {
                     name: "USN-3016-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3016-1",
                  },
                  {
                     name: "SUSE-SU-2016:1672",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
                  },
                  {
                     name: "USN-3021-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3021-1",
                  },
                  {
                     name: "[oss-security] 20160518 Re: CVE Request: Linux: information leak in Rock Ridge Extensions to iso9660 -- fs/isofs/rock.c",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2016/05/18/5",
                  },
                  {
                     name: "USN-3018-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3018-1",
                  },
                  {
                     name: "[oss-security] 20160518 CVE Request: Linux: information leak in Rock Ridge Extensions to iso9660 -- fs/isofs/rock.c",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2016/05/18/3",
                  },
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5",
                     refsource: "CONFIRM",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5",
                  },
                  {
                     name: "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html",
                     refsource: "CONFIRM",
                     url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html",
                  },
                  {
                     name: "90730",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/90730",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99d825822eade8d827a1817357cbf3f889a552d6",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=99d825822eade8d827a1817357cbf3f889a552d6",
                  },
                  {
                     name: "USN-3016-3",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3016-3",
                  },
                  {
                     name: "USN-3016-4",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3016-4",
                  },
                  {
                     name: "RHSA-2018:3096",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:3096",
                  },
                  {
                     name: "USN-3020-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3020-1",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "79363d38-fa19-49d1-9214-5f28da3f3ac5",
      assignerShortName: "debian",
      cveId: "CVE-2016-4913",
      datePublished: "2016-05-23T10:00:00",
      dateReserved: "2016-05-18T00:00:00",
      dateUpdated: "2024-08-06T00:46:39.243Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-5244

Vulnerability from cvelistv5

Published

2016-06-27 10:00

Modified

2024-08-06 00:53

Severity ?

Summary

The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.

References

▼	URL	Tags
	https://github.com/torvalds/linux/commit/4116def2337991b39919f3b448326e21c40e0dbb	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3070-1	vendor-advisory, x_refsource_UBUNTU
	http://www.openwall.com/lists/oss-security/2016/06/03/5	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html	vendor-advisory, x_refsource_SUSE
	https://patchwork.ozlabs.org/patch/629110/	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3070-3	vendor-advisory, x_refsource_UBUNTU
	http://www.securitytracker.com/id/1041895	vdb-entry, x_refsource_SECTRACK
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://www.securityfocus.com/bid/91021	vdb-entry, x_refsource_BID
	http://www.debian.org/security/2016/dsa-3607	vendor-advisory, x_refsource_DEBIAN
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4116def2337991b39919f3b448326e21c40e0dbb	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3070-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html	vendor-advisory, x_refsource_SUSE
	https://bugzilla.redhat.com/show_bug.cgi?id=1343337	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3071-1	vendor-advisory, x_refsource_UBUNTU
	http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3070-4	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3072-2	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3072-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3071-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T00:53:48.916Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/4116def2337991b39919f3b448326e21c40e0dbb",
               },
               {
                  name: "SUSE-SU-2016:1690",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html",
               },
               {
                  name: "USN-3070-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3070-1",
               },
               {
                  name: "[oss-security] 20160603 Re: CVE Request: rds: fix an infoleak in rds_inc_info_copy",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/06/03/5",
               },
               {
                  name: "SUSE-SU-2016:1985",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
               },
               {
                  name: "openSUSE-SU-2016:2184",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://patchwork.ozlabs.org/patch/629110/",
               },
               {
                  name: "USN-3070-3",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3070-3",
               },
               {
                  name: "1041895",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1041895",
               },
               {
                  name: "openSUSE-SU-2016:1641",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html",
               },
               {
                  name: "91021",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/91021",
               },
               {
                  name: "DSA-3607",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2016/dsa-3607",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4116def2337991b39919f3b448326e21c40e0dbb",
               },
               {
                  name: "USN-3070-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3070-2",
               },
               {
                  name: "SUSE-SU-2016:1672",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1343337",
               },
               {
                  name: "USN-3071-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3071-1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
               },
               {
                  name: "USN-3070-4",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3070-4",
               },
               {
                  name: "SUSE-SU-2016:2105",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
               },
               {
                  name: "USN-3072-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3072-2",
               },
               {
                  name: "USN-3072-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3072-1",
               },
               {
                  name: "USN-3071-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3071-2",
               },
               {
                  name: "SUSE-SU-2016:1937",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-06-03T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-10-17T09:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/4116def2337991b39919f3b448326e21c40e0dbb",
            },
            {
               name: "SUSE-SU-2016:1690",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html",
            },
            {
               name: "USN-3070-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3070-1",
            },
            {
               name: "[oss-security] 20160603 Re: CVE Request: rds: fix an infoleak in rds_inc_info_copy",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/06/03/5",
            },
            {
               name: "SUSE-SU-2016:1985",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
            },
            {
               name: "openSUSE-SU-2016:2184",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://patchwork.ozlabs.org/patch/629110/",
            },
            {
               name: "USN-3070-3",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3070-3",
            },
            {
               name: "1041895",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1041895",
            },
            {
               name: "openSUSE-SU-2016:1641",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html",
            },
            {
               name: "91021",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/91021",
            },
            {
               name: "DSA-3607",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2016/dsa-3607",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4116def2337991b39919f3b448326e21c40e0dbb",
            },
            {
               name: "USN-3070-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3070-2",
            },
            {
               name: "SUSE-SU-2016:1672",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1343337",
            },
            {
               name: "USN-3071-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3071-1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
            },
            {
               name: "USN-3070-4",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3070-4",
            },
            {
               name: "SUSE-SU-2016:2105",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
            },
            {
               name: "USN-3072-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3072-2",
            },
            {
               name: "USN-3072-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3072-1",
            },
            {
               name: "USN-3071-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3071-2",
            },
            {
               name: "SUSE-SU-2016:1937",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2016-5244",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The rds_inc_info_copy function in net/rds/recv.c in the Linux kernel through 4.6.3 does not initialize a certain structure member, which allows remote attackers to obtain sensitive information from kernel stack memory by reading an RDS message.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/torvalds/linux/commit/4116def2337991b39919f3b448326e21c40e0dbb",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/4116def2337991b39919f3b448326e21c40e0dbb",
                  },
                  {
                     name: "SUSE-SU-2016:1690",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html",
                  },
                  {
                     name: "USN-3070-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3070-1",
                  },
                  {
                     name: "[oss-security] 20160603 Re: CVE Request: rds: fix an infoleak in rds_inc_info_copy",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2016/06/03/5",
                  },
                  {
                     name: "SUSE-SU-2016:1985",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
                  },
                  {
                     name: "openSUSE-SU-2016:2184",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
                  },
                  {
                     name: "https://patchwork.ozlabs.org/patch/629110/",
                     refsource: "CONFIRM",
                     url: "https://patchwork.ozlabs.org/patch/629110/",
                  },
                  {
                     name: "USN-3070-3",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3070-3",
                  },
                  {
                     name: "1041895",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1041895",
                  },
                  {
                     name: "openSUSE-SU-2016:1641",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html",
                  },
                  {
                     name: "91021",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/91021",
                  },
                  {
                     name: "DSA-3607",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2016/dsa-3607",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4116def2337991b39919f3b448326e21c40e0dbb",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4116def2337991b39919f3b448326e21c40e0dbb",
                  },
                  {
                     name: "USN-3070-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3070-2",
                  },
                  {
                     name: "SUSE-SU-2016:1672",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1343337",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1343337",
                  },
                  {
                     name: "USN-3071-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3071-1",
                  },
                  {
                     name: "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
                     refsource: "CONFIRM",
                     url: "http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html",
                  },
                  {
                     name: "USN-3070-4",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3070-4",
                  },
                  {
                     name: "SUSE-SU-2016:2105",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
                  },
                  {
                     name: "USN-3072-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3072-2",
                  },
                  {
                     name: "USN-3072-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3072-1",
                  },
                  {
                     name: "USN-3071-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3071-2",
                  },
                  {
                     name: "SUSE-SU-2016:1937",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2016-5244",
      datePublished: "2016-06-27T10:00:00",
      dateReserved: "2016-06-03T00:00:00",
      dateUpdated: "2024-08-06T00:53:48.916Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-4805

Vulnerability from cvelistv5

Published

2016-05-23 10:00

Modified

2024-08-06 00:39

Severity ?

Summary

Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net_channel and ppp_unregister_channel functions.

References

▼	URL	Tags
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html	vendor-advisory, x_refsource_SUSE
	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3021-2	vendor-advisory, x_refsource_UBUNTU
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1f461dcdd296eecedaffffc6bae2bfa90bd7eb89	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/1f461dcdd296eecedaffffc6bae2bfa90bd7eb89	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://www.debian.org/security/2016/dsa-3607	vendor-advisory, x_refsource_DEBIAN
	http://www.securitytracker.com/id/1036763	vdb-entry, x_refsource_SECTRACK
	http://www.openwall.com/lists/oss-security/2016/05/15/2	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3021-1	vendor-advisory, x_refsource_UBUNTU
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.2	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=1335803	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://www.securityfocus.com/bid/90605	vdb-entry, x_refsource_BID
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T00:39:26.273Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "SUSE-SU-2016:1690",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
               },
               {
                  name: "SUSE-SU-2016:1985",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
               },
               {
                  name: "openSUSE-SU-2016:2184",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
               },
               {
                  name: "USN-3021-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3021-2",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1f461dcdd296eecedaffffc6bae2bfa90bd7eb89",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/1f461dcdd296eecedaffffc6bae2bfa90bd7eb89",
               },
               {
                  name: "openSUSE-SU-2016:1641",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html",
               },
               {
                  name: "DSA-3607",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2016/dsa-3607",
               },
               {
                  name: "1036763",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1036763",
               },
               {
                  name: "[oss-security] 20160515 Re: CVE Requests: Linux: use-after-free issue for ppp channel",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/05/15/2",
               },
               {
                  name: "SUSE-SU-2016:1672",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
               },
               {
                  name: "USN-3021-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3021-1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.2",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1335803",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html",
               },
               {
                  name: "SUSE-SU-2016:2105",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
               },
               {
                  name: "90605",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/90605",
               },
               {
                  name: "SUSE-SU-2016:1937",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-04-20T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net_channel and ppp_unregister_channel functions.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-08-12T09:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "SUSE-SU-2016:1690",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
            },
            {
               name: "SUSE-SU-2016:1985",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
            },
            {
               name: "openSUSE-SU-2016:2184",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
            },
            {
               name: "USN-3021-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3021-2",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1f461dcdd296eecedaffffc6bae2bfa90bd7eb89",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/1f461dcdd296eecedaffffc6bae2bfa90bd7eb89",
            },
            {
               name: "openSUSE-SU-2016:1641",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html",
            },
            {
               name: "DSA-3607",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2016/dsa-3607",
            },
            {
               name: "1036763",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1036763",
            },
            {
               name: "[oss-security] 20160515 Re: CVE Requests: Linux: use-after-free issue for ppp channel",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/05/15/2",
            },
            {
               name: "SUSE-SU-2016:1672",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
            },
            {
               name: "USN-3021-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3021-1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.2",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1335803",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html",
            },
            {
               name: "SUSE-SU-2016:2105",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
            },
            {
               name: "90605",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/90605",
            },
            {
               name: "SUSE-SU-2016:1937",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2016-4805",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net_channel and ppp_unregister_channel functions.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "SUSE-SU-2016:1690",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html",
                  },
                  {
                     name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
                     refsource: "CONFIRM",
                     url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
                  },
                  {
                     name: "SUSE-SU-2016:1985",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
                  },
                  {
                     name: "openSUSE-SU-2016:2184",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
                  },
                  {
                     name: "USN-3021-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3021-2",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1f461dcdd296eecedaffffc6bae2bfa90bd7eb89",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1f461dcdd296eecedaffffc6bae2bfa90bd7eb89",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/1f461dcdd296eecedaffffc6bae2bfa90bd7eb89",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/1f461dcdd296eecedaffffc6bae2bfa90bd7eb89",
                  },
                  {
                     name: "openSUSE-SU-2016:1641",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html",
                  },
                  {
                     name: "DSA-3607",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2016/dsa-3607",
                  },
                  {
                     name: "1036763",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1036763",
                  },
                  {
                     name: "[oss-security] 20160515 Re: CVE Requests: Linux: use-after-free issue for ppp channel",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2016/05/15/2",
                  },
                  {
                     name: "SUSE-SU-2016:1672",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
                  },
                  {
                     name: "USN-3021-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3021-1",
                  },
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.2",
                     refsource: "CONFIRM",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.2",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1335803",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1335803",
                  },
                  {
                     name: "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html",
                     refsource: "CONFIRM",
                     url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html",
                  },
                  {
                     name: "SUSE-SU-2016:2105",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
                  },
                  {
                     name: "90605",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/90605",
                  },
                  {
                     name: "SUSE-SU-2016:1937",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2016-4805",
      datePublished: "2016-05-23T10:00:00",
      dateReserved: "2016-05-15T00:00:00",
      dateUpdated: "2024-08-06T00:39:26.273Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-1583

Vulnerability from cvelistv5

Published

2016-06-27 10:00

Modified

2024-08-05 23:02

Severity ?

Summary

The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.

References

▼	URL	Tags
	http://www.ubuntu.com/usn/USN-3006-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3004-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html	vendor-advisory, x_refsource_SUSE
	https://github.com/torvalds/linux/commit/f5364c150aa645b3d7daa21b5c0b9feaa1c9cd6d	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2016-2766.html	vendor-advisory, x_refsource_REDHAT
	http://www.ubuntu.com/usn/USN-3001-1	vendor-advisory, x_refsource_UBUNTU
	https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.3	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html	vendor-advisory, x_refsource_SUSE
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f5364c150aa645b3d7daa21b5c0b9feaa1c9cd6d	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html	vendor-advisory, x_refsource_SUSE
	https://www.exploit-db.com/exploits/39992/	exploit, x_refsource_EXPLOIT-DB
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3005-1	vendor-advisory, x_refsource_UBUNTU
	https://bugs.chromium.org/p/project-zero/issues/detail?id=836	x_refsource_MISC
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html	vendor-advisory, x_refsource_SUSE
	http://www.securityfocus.com/bid/91157	vdb-entry, x_refsource_BID
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2999-1	vendor-advisory, x_refsource_UBUNTU
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2f36db71009304b3f0b95afacd8eba1f9f046b87	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html	vendor-advisory, x_refsource_SUSE
	http://www.openwall.com/lists/oss-security/2016/06/10/8	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2997-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3000-1	vendor-advisory, x_refsource_UBUNTU
	https://github.com/torvalds/linux/commit/f0fe970df3838c202ef6c07a4c2b36838ef0a88b	x_refsource_MISC
	http://www.debian.org/security/2016/dsa-3607	vendor-advisory, x_refsource_DEBIAN
	http://www.securitytracker.com/id/1036763	vdb-entry, x_refsource_SECTRACK
	https://github.com/torvalds/linux/commit/2f36db71009304b3f0b95afacd8eba1f9f046b87	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3002-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2996-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00027.html	vendor-advisory, x_refsource_SUSE
	https://access.redhat.com/errata/RHSA-2017:2760	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3007-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2016-2124.html	vendor-advisory, x_refsource_REDHAT
	http://www.ubuntu.com/usn/USN-3003-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://www.openwall.com/lists/oss-security/2016/06/22/1	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html	vendor-advisory, x_refsource_SUSE
	https://bugzilla.redhat.com/show_bug.cgi?id=1344721	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2998-1	vendor-advisory, x_refsource_UBUNTU
	http://packetstormsecurity.com/files/137560/Linux-ecryptfs-Stack-Overflow.html	x_refsource_MISC
	http://www.ubuntu.com/usn/USN-3008-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T23:02:11.789Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "USN-3006-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3006-1",
               },
               {
                  name: "USN-3004-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3004-1",
               },
               {
                  name: "SUSE-SU-2016:2010",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/f5364c150aa645b3d7daa21b5c0b9feaa1c9cd6d",
               },
               {
                  name: "RHSA-2016:2766",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2766.html",
               },
               {
                  name: "USN-3001-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3001-1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.3",
               },
               {
                  name: "SUSE-SU-2016:1696",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f5364c150aa645b3d7daa21b5c0b9feaa1c9cd6d",
               },
               {
                  name: "SUSE-SU-2016:1994",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html",
               },
               {
                  name: "39992",
                  tags: [
                     "exploit",
                     "x_refsource_EXPLOIT-DB",
                     "x_transferred",
                  ],
                  url: "https://www.exploit-db.com/exploits/39992/",
               },
               {
                  name: "SUSE-SU-2016:1961",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html",
               },
               {
                  name: "USN-3005-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3005-1",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=836",
               },
               {
                  name: "SUSE-SU-2016:1985",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
               },
               {
                  name: "91157",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/91157",
               },
               {
                  name: "openSUSE-SU-2016:2184",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
               },
               {
                  name: "USN-2999-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2999-1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2f36db71009304b3f0b95afacd8eba1f9f046b87",
               },
               {
                  name: "SUSE-SU-2016:2006",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html",
               },
               {
                  name: "[oss-security] 20160610 [vs-plain] Linux kernel stack overflow via ecryptfs and /proc/$pid/environ",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/06/10/8",
               },
               {
                  name: "SUSE-SU-2016:2014",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html",
               },
               {
                  name: "openSUSE-SU-2016:1641",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html",
               },
               {
                  name: "USN-2997-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2997-1",
               },
               {
                  name: "USN-3000-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3000-1",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/f0fe970df3838c202ef6c07a4c2b36838ef0a88b",
               },
               {
                  name: "DSA-3607",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2016/dsa-3607",
               },
               {
                  name: "1036763",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1036763",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/2f36db71009304b3f0b95afacd8eba1f9f046b87",
               },
               {
                  name: "USN-3002-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3002-1",
               },
               {
                  name: "USN-2996-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2996-1",
               },
               {
                  name: "SUSE-SU-2016:1672",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
               },
               {
                  name: "SUSE-SU-2016:2009",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html",
               },
               {
                  name: "SUSE-SU-2016:1596",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00027.html",
               },
               {
                  name: "RHSA-2017:2760",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2760",
               },
               {
                  name: "SUSE-SU-2016:2005",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html",
               },
               {
                  name: "SUSE-SU-2016:2007",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html",
               },
               {
                  name: "USN-3007-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3007-1",
               },
               {
                  name: "SUSE-SU-2016:2000",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html",
               },
               {
                  name: "RHSA-2016:2124",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2124.html",
               },
               {
                  name: "USN-3003-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3003-1",
               },
               {
                  name: "SUSE-SU-2016:1995",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html",
               },
               {
                  name: "SUSE-SU-2016:2105",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
               },
               {
                  name: "[oss-security] 20160622 Re: [vs-plain] Linux kernel stack overflow via ecryptfs and /proc/$pid/environ",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/06/22/1",
               },
               {
                  name: "SUSE-SU-2016:2002",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1344721",
               },
               {
                  name: "USN-2998-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2998-1",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/137560/Linux-ecryptfs-Stack-Overflow.html",
               },
               {
                  name: "USN-3008-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3008-1",
               },
               {
                  name: "SUSE-SU-2016:1937",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-06-10T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-12-06T21:57:01",
            orgId: "cc1ad9ee-3454-478d-9317-d3e869d708bc",
            shortName: "canonical",
         },
         references: [
            {
               name: "USN-3006-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3006-1",
            },
            {
               name: "USN-3004-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3004-1",
            },
            {
               name: "SUSE-SU-2016:2010",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/f5364c150aa645b3d7daa21b5c0b9feaa1c9cd6d",
            },
            {
               name: "RHSA-2016:2766",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2766.html",
            },
            {
               name: "USN-3001-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3001-1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.3",
            },
            {
               name: "SUSE-SU-2016:1696",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f5364c150aa645b3d7daa21b5c0b9feaa1c9cd6d",
            },
            {
               name: "SUSE-SU-2016:1994",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html",
            },
            {
               name: "39992",
               tags: [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
               ],
               url: "https://www.exploit-db.com/exploits/39992/",
            },
            {
               name: "SUSE-SU-2016:1961",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html",
            },
            {
               name: "USN-3005-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3005-1",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=836",
            },
            {
               name: "SUSE-SU-2016:1985",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
            },
            {
               name: "91157",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/91157",
            },
            {
               name: "openSUSE-SU-2016:2184",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
            },
            {
               name: "USN-2999-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2999-1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2f36db71009304b3f0b95afacd8eba1f9f046b87",
            },
            {
               name: "SUSE-SU-2016:2006",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html",
            },
            {
               name: "[oss-security] 20160610 [vs-plain] Linux kernel stack overflow via ecryptfs and /proc/$pid/environ",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/06/10/8",
            },
            {
               name: "SUSE-SU-2016:2014",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html",
            },
            {
               name: "openSUSE-SU-2016:1641",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html",
            },
            {
               name: "USN-2997-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2997-1",
            },
            {
               name: "USN-3000-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3000-1",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/torvalds/linux/commit/f0fe970df3838c202ef6c07a4c2b36838ef0a88b",
            },
            {
               name: "DSA-3607",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2016/dsa-3607",
            },
            {
               name: "1036763",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1036763",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/2f36db71009304b3f0b95afacd8eba1f9f046b87",
            },
            {
               name: "USN-3002-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3002-1",
            },
            {
               name: "USN-2996-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2996-1",
            },
            {
               name: "SUSE-SU-2016:1672",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
            },
            {
               name: "SUSE-SU-2016:2009",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html",
            },
            {
               name: "SUSE-SU-2016:1596",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00027.html",
            },
            {
               name: "RHSA-2017:2760",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2760",
            },
            {
               name: "SUSE-SU-2016:2005",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html",
            },
            {
               name: "SUSE-SU-2016:2007",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html",
            },
            {
               name: "USN-3007-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3007-1",
            },
            {
               name: "SUSE-SU-2016:2000",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html",
            },
            {
               name: "RHSA-2016:2124",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2124.html",
            },
            {
               name: "USN-3003-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3003-1",
            },
            {
               name: "SUSE-SU-2016:1995",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html",
            },
            {
               name: "SUSE-SU-2016:2105",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
            },
            {
               name: "[oss-security] 20160622 Re: [vs-plain] Linux kernel stack overflow via ecryptfs and /proc/$pid/environ",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/06/22/1",
            },
            {
               name: "SUSE-SU-2016:2002",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1344721",
            },
            {
               name: "USN-2998-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2998-1",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://packetstormsecurity.com/files/137560/Linux-ecryptfs-Stack-Overflow.html",
            },
            {
               name: "USN-3008-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3008-1",
            },
            {
               name: "SUSE-SU-2016:1937",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@ubuntu.com",
               ID: "CVE-2016-1583",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "USN-3006-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3006-1",
                  },
                  {
                     name: "USN-3004-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3004-1",
                  },
                  {
                     name: "SUSE-SU-2016:2010",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/f5364c150aa645b3d7daa21b5c0b9feaa1c9cd6d",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/f5364c150aa645b3d7daa21b5c0b9feaa1c9cd6d",
                  },
                  {
                     name: "RHSA-2016:2766",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2016-2766.html",
                  },
                  {
                     name: "USN-3001-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3001-1",
                  },
                  {
                     name: "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.3",
                     refsource: "CONFIRM",
                     url: "https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.3",
                  },
                  {
                     name: "SUSE-SU-2016:1696",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f5364c150aa645b3d7daa21b5c0b9feaa1c9cd6d",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f5364c150aa645b3d7daa21b5c0b9feaa1c9cd6d",
                  },
                  {
                     name: "SUSE-SU-2016:1994",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html",
                  },
                  {
                     name: "39992",
                     refsource: "EXPLOIT-DB",
                     url: "https://www.exploit-db.com/exploits/39992/",
                  },
                  {
                     name: "SUSE-SU-2016:1961",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html",
                  },
                  {
                     name: "USN-3005-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3005-1",
                  },
                  {
                     name: "https://bugs.chromium.org/p/project-zero/issues/detail?id=836",
                     refsource: "MISC",
                     url: "https://bugs.chromium.org/p/project-zero/issues/detail?id=836",
                  },
                  {
                     name: "SUSE-SU-2016:1985",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
                  },
                  {
                     name: "91157",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/91157",
                  },
                  {
                     name: "openSUSE-SU-2016:2184",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
                  },
                  {
                     name: "USN-2999-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-2999-1",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2f36db71009304b3f0b95afacd8eba1f9f046b87",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2f36db71009304b3f0b95afacd8eba1f9f046b87",
                  },
                  {
                     name: "SUSE-SU-2016:2006",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html",
                  },
                  {
                     name: "[oss-security] 20160610 [vs-plain] Linux kernel stack overflow via ecryptfs and /proc/$pid/environ",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2016/06/10/8",
                  },
                  {
                     name: "SUSE-SU-2016:2014",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html",
                  },
                  {
                     name: "openSUSE-SU-2016:1641",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html",
                  },
                  {
                     name: "USN-2997-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-2997-1",
                  },
                  {
                     name: "USN-3000-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3000-1",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/f0fe970df3838c202ef6c07a4c2b36838ef0a88b",
                     refsource: "MISC",
                     url: "https://github.com/torvalds/linux/commit/f0fe970df3838c202ef6c07a4c2b36838ef0a88b",
                  },
                  {
                     name: "DSA-3607",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2016/dsa-3607",
                  },
                  {
                     name: "1036763",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1036763",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/2f36db71009304b3f0b95afacd8eba1f9f046b87",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/2f36db71009304b3f0b95afacd8eba1f9f046b87",
                  },
                  {
                     name: "USN-3002-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3002-1",
                  },
                  {
                     name: "USN-2996-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-2996-1",
                  },
                  {
                     name: "SUSE-SU-2016:1672",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
                  },
                  {
                     name: "SUSE-SU-2016:2009",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html",
                  },
                  {
                     name: "SUSE-SU-2016:1596",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00027.html",
                  },
                  {
                     name: "RHSA-2017:2760",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2760",
                  },
                  {
                     name: "SUSE-SU-2016:2005",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html",
                  },
                  {
                     name: "SUSE-SU-2016:2007",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html",
                  },
                  {
                     name: "USN-3007-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3007-1",
                  },
                  {
                     name: "SUSE-SU-2016:2000",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html",
                  },
                  {
                     name: "RHSA-2016:2124",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2016-2124.html",
                  },
                  {
                     name: "USN-3003-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3003-1",
                  },
                  {
                     name: "SUSE-SU-2016:1995",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html",
                  },
                  {
                     name: "SUSE-SU-2016:2105",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
                  },
                  {
                     name: "[oss-security] 20160622 Re: [vs-plain] Linux kernel stack overflow via ecryptfs and /proc/$pid/environ",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2016/06/22/1",
                  },
                  {
                     name: "SUSE-SU-2016:2002",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1344721",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1344721",
                  },
                  {
                     name: "USN-2998-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-2998-1",
                  },
                  {
                     name: "http://packetstormsecurity.com/files/137560/Linux-ecryptfs-Stack-Overflow.html",
                     refsource: "MISC",
                     url: "http://packetstormsecurity.com/files/137560/Linux-ecryptfs-Stack-Overflow.html",
                  },
                  {
                     name: "USN-3008-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3008-1",
                  },
                  {
                     name: "SUSE-SU-2016:1937",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "cc1ad9ee-3454-478d-9317-d3e869d708bc",
      assignerShortName: "canonical",
      cveId: "CVE-2016-1583",
      datePublished: "2016-06-27T10:00:00",
      dateReserved: "2016-01-12T00:00:00",
      dateUpdated: "2024-08-05T23:02:11.789Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-7097

Vulnerability from cvelistv5

Published

2016-10-16 21:00

Modified

2024-08-06 01:50

Severity ?

Summary

The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions.

References

▼	URL	Tags
	http://www.ubuntu.com/usn/USN-3146-2	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3146-1	vendor-advisory, x_refsource_UBUNTU
	https://source.android.com/security/bulletin/2017-04-01	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/92659	vdb-entry, x_refsource_BID
	https://access.redhat.com/errata/RHSA-2017:2669	vendor-advisory, x_refsource_REDHAT
	http://www.spinics.net/lists/linux-fsdevel/msg98328.html	mailing-list, x_refsource_MLIST
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=073931017b49d9458aa351605b43a7e34598caef	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2016/08/26/3	mailing-list, x_refsource_MLIST
	http://rhn.redhat.com/errata/RHSA-2017-0817.html	vendor-advisory, x_refsource_REDHAT
	http://www.ubuntu.com/usn/USN-3147-1	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1368938	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/073931017b49d9458aa351605b43a7e34598caef	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2077	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:1842	vendor-advisory, x_refsource_REDHAT
	http://marc.info/?l=linux-fsdevel&m=147162313630259&w=2	mailing-list, x_refsource_MLIST
	http://www.securitytracker.com/id/1038201	vdb-entry, x_refsource_SECTRACK
	https://support.f5.com/csp/article/K31603170?utm_source=f5support&amp%3Butm_medium=RSS	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T01:50:47.362Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "USN-3146-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3146-2",
               },
               {
                  name: "USN-3146-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3146-1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2017-04-01",
               },
               {
                  name: "92659",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/92659",
               },
               {
                  name: "RHSA-2017:2669",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2669",
               },
               {
                  name: "[linux-fsdevel] 20160526 [PATCH 2/2] posix_acl: Clear SGID bit when modifying file permissions",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.spinics.net/lists/linux-fsdevel/msg98328.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=073931017b49d9458aa351605b43a7e34598caef",
               },
               {
                  name: "[oss-security] 20160826 Re: CVE request -- linux kernel: Setting a POSIX ACL via setxattr doesn't clear the setgid bit",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/08/26/3",
               },
               {
                  name: "RHSA-2017:0817",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0817.html",
               },
               {
                  name: "USN-3147-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3147-1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1368938",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/073931017b49d9458aa351605b43a7e34598caef",
               },
               {
                  name: "RHSA-2017:2077",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2077",
               },
               {
                  name: "RHSA-2017:1842",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1842",
               },
               {
                  name: "[linux-fsdevel] 20160819 [PATCH v2] posix_acl: Clear SGID bit when setting file permissions",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=linux-fsdevel&m=147162313630259&w=2",
               },
               {
                  name: "1038201",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1038201",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://support.f5.com/csp/article/K31603170?utm_source=f5support&amp%3Butm_medium=RSS",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-05-26T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2019-10-09T19:07:27",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "USN-3146-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3146-2",
            },
            {
               name: "USN-3146-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3146-1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2017-04-01",
            },
            {
               name: "92659",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/92659",
            },
            {
               name: "RHSA-2017:2669",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2669",
            },
            {
               name: "[linux-fsdevel] 20160526 [PATCH 2/2] posix_acl: Clear SGID bit when modifying file permissions",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.spinics.net/lists/linux-fsdevel/msg98328.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=073931017b49d9458aa351605b43a7e34598caef",
            },
            {
               name: "[oss-security] 20160826 Re: CVE request -- linux kernel: Setting a POSIX ACL via setxattr doesn't clear the setgid bit",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/08/26/3",
            },
            {
               name: "RHSA-2017:0817",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0817.html",
            },
            {
               name: "USN-3147-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3147-1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1368938",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/073931017b49d9458aa351605b43a7e34598caef",
            },
            {
               name: "RHSA-2017:2077",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2077",
            },
            {
               name: "RHSA-2017:1842",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1842",
            },
            {
               name: "[linux-fsdevel] 20160819 [PATCH v2] posix_acl: Clear SGID bit when setting file permissions",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://marc.info/?l=linux-fsdevel&m=147162313630259&w=2",
            },
            {
               name: "1038201",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1038201",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://support.f5.com/csp/article/K31603170?utm_source=f5support&amp%3Butm_medium=RSS",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2016-7097",
      datePublished: "2016-10-16T21:00:00",
      dateReserved: "2016-08-26T00:00:00",
      dateUpdated: "2024-08-06T01:50:47.362Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-7911

Vulnerability from cvelistv5

Published

2016-11-16 04:49

Modified

2024-08-06 02:13

Severity ?

Summary

Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call.

References

▼	URL	Tags
	http://source.android.com/security/bulletin/2016-11-01.html	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/8ba8682107ee2ca3347354e018865d8e1967c5f4	x_refsource_CONFIRM
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.6	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8ba8682107ee2ca3347354e018865d8e1967c5f4	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/94135	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T02:13:20.819Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://source.android.com/security/bulletin/2016-11-01.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/8ba8682107ee2ca3347354e018865d8e1967c5f4",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.6",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8ba8682107ee2ca3347354e018865d8e1967c5f4",
               },
               {
                  name: "94135",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/94135",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-04-27T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2016-11-25T19:57:01",
            orgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
            shortName: "google_android",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://source.android.com/security/bulletin/2016-11-01.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/8ba8682107ee2ca3347354e018865d8e1967c5f4",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.6",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8ba8682107ee2ca3347354e018865d8e1967c5f4",
            },
            {
               name: "94135",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/94135",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@android.com",
               ID: "CVE-2016-7911",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://source.android.com/security/bulletin/2016-11-01.html",
                     refsource: "CONFIRM",
                     url: "http://source.android.com/security/bulletin/2016-11-01.html",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/8ba8682107ee2ca3347354e018865d8e1967c5f4",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/8ba8682107ee2ca3347354e018865d8e1967c5f4",
                  },
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.6",
                     refsource: "CONFIRM",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.6.6",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8ba8682107ee2ca3347354e018865d8e1967c5f4",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8ba8682107ee2ca3347354e018865d8e1967c5f4",
                  },
                  {
                     name: "94135",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/94135",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
      assignerShortName: "google_android",
      cveId: "CVE-2016-7911",
      datePublished: "2016-11-16T04:49:00",
      dateReserved: "2016-09-09T00:00:00",
      dateUpdated: "2024-08-06T02:13:20.819Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-7042

Vulnerability from cvelistv5

Published

2016-10-16 21:00

Modified

2024-08-06 01:50

Severity ?

Summary

The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file.

References

▼	URL	Tags
	https://source.android.com/security/bulletin/2017-01-01.html	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=1373966	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2016/10/13/5	mailing-list, x_refsource_MLIST
	https://access.redhat.com/errata/RHSA-2017:2669	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2017-0817.html	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:2077	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:1842	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/93544	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T01:50:47.134Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2017-01-01.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1373966",
               },
               {
                  name: "[oss-security] 20161013 kernel: Stack corruption while reading /proc/keys (CVE-2016-7042)",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/10/13/5",
               },
               {
                  name: "RHSA-2017:2669",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2669",
               },
               {
                  name: "RHSA-2017:0817",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0817.html",
               },
               {
                  name: "RHSA-2017:2077",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2077",
               },
               {
                  name: "RHSA-2017:1842",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1842",
               },
               {
                  name: "93544",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/93544",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-10-13T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2017-01-01.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1373966",
            },
            {
               name: "[oss-security] 20161013 kernel: Stack corruption while reading /proc/keys (CVE-2016-7042)",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/10/13/5",
            },
            {
               name: "RHSA-2017:2669",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2669",
            },
            {
               name: "RHSA-2017:0817",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0817.html",
            },
            {
               name: "RHSA-2017:2077",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2077",
            },
            {
               name: "RHSA-2017:1842",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1842",
            },
            {
               name: "93544",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/93544",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2016-7042",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://source.android.com/security/bulletin/2017-01-01.html",
                     refsource: "CONFIRM",
                     url: "https://source.android.com/security/bulletin/2017-01-01.html",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1373966",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1373966",
                  },
                  {
                     name: "[oss-security] 20161013 kernel: Stack corruption while reading /proc/keys (CVE-2016-7042)",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2016/10/13/5",
                  },
                  {
                     name: "RHSA-2017:2669",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2669",
                  },
                  {
                     name: "RHSA-2017:0817",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0817.html",
                  },
                  {
                     name: "RHSA-2017:2077",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2077",
                  },
                  {
                     name: "RHSA-2017:1842",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1842",
                  },
                  {
                     name: "93544",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/93544",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2016-7042",
      datePublished: "2016-10-16T21:00:00",
      dateReserved: "2016-08-23T00:00:00",
      dateUpdated: "2024-08-06T01:50:47.134Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-7916

Vulnerability from cvelistv5

Published

2016-11-16 04:49

Modified

2024-08-06 02:13

Severity ?

Summary

Race condition in the environ_read function in fs/proc/base.c in the Linux kernel before 4.5.4 allows local users to obtain sensitive information from kernel memory by reading a /proc/*/environ file during a process-setup time interval in which environment-variable copying is incomplete.

References

▼	URL	Tags
	http://source.android.com/security/bulletin/2016-11-01.html	x_refsource_CONFIRM
	https://bugzilla.kernel.org/show_bug.cgi?id=116461	x_refsource_CONFIRM
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.4	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3159-1	vendor-advisory, x_refsource_UBUNTU
	https://forums.grsecurity.net/viewtopic.php?f=3&t=4363	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3159-2	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/94138	vdb-entry, x_refsource_BID
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8148a73c9901a8794a50f950083c00ccf97d43b3	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/8148a73c9901a8794a50f950083c00ccf97d43b3	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T02:13:20.801Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://source.android.com/security/bulletin/2016-11-01.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.kernel.org/show_bug.cgi?id=116461",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.4",
               },
               {
                  name: "USN-3159-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3159-1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://forums.grsecurity.net/viewtopic.php?f=3&t=4363",
               },
               {
                  name: "USN-3159-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3159-2",
               },
               {
                  name: "94138",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/94138",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8148a73c9901a8794a50f950083c00ccf97d43b3",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/8148a73c9901a8794a50f950083c00ccf97d43b3",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-04-27T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Race condition in the environ_read function in fs/proc/base.c in the Linux kernel before 4.5.4 allows local users to obtain sensitive information from kernel memory by reading a /proc/*/environ file during a process-setup time interval in which environment-variable copying is incomplete.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-01-12T22:57:01",
            orgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
            shortName: "google_android",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://source.android.com/security/bulletin/2016-11-01.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.kernel.org/show_bug.cgi?id=116461",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.4",
            },
            {
               name: "USN-3159-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3159-1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://forums.grsecurity.net/viewtopic.php?f=3&t=4363",
            },
            {
               name: "USN-3159-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3159-2",
            },
            {
               name: "94138",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/94138",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8148a73c9901a8794a50f950083c00ccf97d43b3",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/8148a73c9901a8794a50f950083c00ccf97d43b3",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@android.com",
               ID: "CVE-2016-7916",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Race condition in the environ_read function in fs/proc/base.c in the Linux kernel before 4.5.4 allows local users to obtain sensitive information from kernel memory by reading a /proc/*/environ file during a process-setup time interval in which environment-variable copying is incomplete.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://source.android.com/security/bulletin/2016-11-01.html",
                     refsource: "CONFIRM",
                     url: "http://source.android.com/security/bulletin/2016-11-01.html",
                  },
                  {
                     name: "https://bugzilla.kernel.org/show_bug.cgi?id=116461",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.kernel.org/show_bug.cgi?id=116461",
                  },
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.4",
                     refsource: "CONFIRM",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.4",
                  },
                  {
                     name: "USN-3159-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3159-1",
                  },
                  {
                     name: "https://forums.grsecurity.net/viewtopic.php?f=3&t=4363",
                     refsource: "CONFIRM",
                     url: "https://forums.grsecurity.net/viewtopic.php?f=3&t=4363",
                  },
                  {
                     name: "USN-3159-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3159-2",
                  },
                  {
                     name: "94138",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/94138",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8148a73c9901a8794a50f950083c00ccf97d43b3",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8148a73c9901a8794a50f950083c00ccf97d43b3",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/8148a73c9901a8794a50f950083c00ccf97d43b3",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/8148a73c9901a8794a50f950083c00ccf97d43b3",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
      assignerShortName: "google_android",
      cveId: "CVE-2016-7916",
      datePublished: "2016-11-16T04:49:00",
      dateReserved: "2016-09-09T00:00:00",
      dateUpdated: "2024-08-06T02:13:20.801Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2015-7833

Vulnerability from cvelistv5

Published

2015-10-19 10:00

Modified

2024-08-06 07:59

Severity ?

Summary

The usbvision driver in the Linux kernel package 3.10.0-123.20.1.el7 through 3.10.0-229.14.1.el7 in Red Hat Enterprise Linux (RHEL) 7.1 allows physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in a USB device descriptor.

References

▼	URL	Tags
	https://bugzilla.redhat.com/show_bug.cgi?id=1201858	x_refsource_MISC
	http://www.ubuntu.com/usn/USN-2967-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2947-3	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2967-2	vendor-advisory, x_refsource_UBUNTU
	http://www.os-s.net/advisories/DOS-KernelCrashesOnInvalidUSBDeviceDescriptors-UsbvisionDriver.pdf	x_refsource_MISC
	http://www.ubuntu.com/usn/USN-2947-2	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2947-1	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/77030	vdb-entry, x_refsource_BID
	http://www.ubuntu.com/usn/USN-2929-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2932-1	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/archive/1/536629	mailing-list, x_refsource_BUGTRAQ
	http://www.debian.org/security/2015/dsa-3426	vendor-advisory, x_refsource_DEBIAN
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2948-1	vendor-advisory, x_refsource_UBUNTU
	http://www.debian.org/security/2015/dsa-3396	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-2929-2	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2948-2	vendor-advisory, x_refsource_UBUNTU
	http://www.securitytracker.com/id/1034452	vdb-entry, x_refsource_SECTRACK
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T07:59:00.514Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1201858",
               },
               {
                  name: "USN-2967-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2967-1",
               },
               {
                  name: "SUSE-SU-2016:1985",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
               },
               {
                  name: "openSUSE-SU-2016:2184",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
               },
               {
                  name: "USN-2947-3",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2947-3",
               },
               {
                  name: "USN-2967-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2967-2",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://www.os-s.net/advisories/DOS-KernelCrashesOnInvalidUSBDeviceDescriptors-UsbvisionDriver.pdf",
               },
               {
                  name: "USN-2947-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2947-2",
               },
               {
                  name: "USN-2947-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2947-1",
               },
               {
                  name: "77030",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/77030",
               },
               {
                  name: "USN-2929-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2929-1",
               },
               {
                  name: "USN-2932-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2932-1",
               },
               {
                  name: "20151007 Re: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (usbvision driver)",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/archive/1/536629",
               },
               {
                  name: "DSA-3426",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2015/dsa-3426",
               },
               {
                  name: "SUSE-SU-2016:2105",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
               },
               {
                  name: "USN-2948-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2948-1",
               },
               {
                  name: "DSA-3396",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2015/dsa-3396",
               },
               {
                  name: "USN-2929-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2929-2",
               },
               {
                  name: "USN-2948-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2948-2",
               },
               {
                  name: "1034452",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1034452",
               },
               {
                  name: "SUSE-SU-2016:1937",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2015-10-07T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The usbvision driver in the Linux kernel package 3.10.0-123.20.1.el7 through 3.10.0-229.14.1.el7 in Red Hat Enterprise Linux (RHEL) 7.1 allows physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in a USB device descriptor.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-09-12T09:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1201858",
            },
            {
               name: "USN-2967-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2967-1",
            },
            {
               name: "SUSE-SU-2016:1985",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
            },
            {
               name: "openSUSE-SU-2016:2184",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
            },
            {
               name: "USN-2947-3",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2947-3",
            },
            {
               name: "USN-2967-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2967-2",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://www.os-s.net/advisories/DOS-KernelCrashesOnInvalidUSBDeviceDescriptors-UsbvisionDriver.pdf",
            },
            {
               name: "USN-2947-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2947-2",
            },
            {
               name: "USN-2947-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2947-1",
            },
            {
               name: "77030",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/77030",
            },
            {
               name: "USN-2929-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2929-1",
            },
            {
               name: "USN-2932-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2932-1",
            },
            {
               name: "20151007 Re: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (usbvision driver)",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://www.securityfocus.com/archive/1/536629",
            },
            {
               name: "DSA-3426",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2015/dsa-3426",
            },
            {
               name: "SUSE-SU-2016:2105",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
            },
            {
               name: "USN-2948-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2948-1",
            },
            {
               name: "DSA-3396",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2015/dsa-3396",
            },
            {
               name: "USN-2929-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2929-2",
            },
            {
               name: "USN-2948-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2948-2",
            },
            {
               name: "1034452",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1034452",
            },
            {
               name: "SUSE-SU-2016:1937",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2015-7833",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The usbvision driver in the Linux kernel package 3.10.0-123.20.1.el7 through 3.10.0-229.14.1.el7 in Red Hat Enterprise Linux (RHEL) 7.1 allows physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in a USB device descriptor.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1201858",
                     refsource: "MISC",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1201858",
                  },
                  {
                     name: "USN-2967-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-2967-1",
                  },
                  {
                     name: "SUSE-SU-2016:1985",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
                  },
                  {
                     name: "openSUSE-SU-2016:2184",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
                  },
                  {
                     name: "USN-2947-3",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-2947-3",
                  },
                  {
                     name: "USN-2967-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-2967-2",
                  },
                  {
                     name: "http://www.os-s.net/advisories/DOS-KernelCrashesOnInvalidUSBDeviceDescriptors-UsbvisionDriver.pdf",
                     refsource: "MISC",
                     url: "http://www.os-s.net/advisories/DOS-KernelCrashesOnInvalidUSBDeviceDescriptors-UsbvisionDriver.pdf",
                  },
                  {
                     name: "USN-2947-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-2947-2",
                  },
                  {
                     name: "USN-2947-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-2947-1",
                  },
                  {
                     name: "77030",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/77030",
                  },
                  {
                     name: "USN-2929-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-2929-1",
                  },
                  {
                     name: "USN-2932-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-2932-1",
                  },
                  {
                     name: "20151007 Re: Local RedHat Enterprise Linux DoS - RHEL 7.1 Kernel crashes on invalid USB device descriptors (usbvision driver)",
                     refsource: "BUGTRAQ",
                     url: "http://www.securityfocus.com/archive/1/536629",
                  },
                  {
                     name: "DSA-3426",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2015/dsa-3426",
                  },
                  {
                     name: "SUSE-SU-2016:2105",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
                  },
                  {
                     name: "USN-2948-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-2948-1",
                  },
                  {
                     name: "DSA-3396",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2015/dsa-3396",
                  },
                  {
                     name: "USN-2929-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-2929-2",
                  },
                  {
                     name: "USN-2948-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-2948-2",
                  },
                  {
                     name: "1034452",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1034452",
                  },
                  {
                     name: "SUSE-SU-2016:1937",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2015-7833",
      datePublished: "2015-10-19T10:00:00",
      dateReserved: "2015-10-14T00:00:00",
      dateUpdated: "2024-08-06T07:59:00.514Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-8633

Vulnerability from cvelistv5

Published

2016-11-28 03:01

Modified

2024-08-06 02:27

Severity ?

Summary

drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets.

References

▼	URL	Tags
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.7	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/94149	vdb-entry, x_refsource_BID
	https://access.redhat.com/errata/RHSA-2018:1062	vendor-advisory, x_refsource_REDHAT
	https://eyalitkin.wordpress.com/2016/11/06/cve-publication-cve-2016-8633/	x_refsource_MISC
	https://access.redhat.com/errata/RHSA-2018:0676	vendor-advisory, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=1391490	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/667121ace9dbafb368618dbabcf07901c962ddac	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=667121ace9dbafb368618dbabcf07901c962ddac	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2016/11/06/1	mailing-list, x_refsource_MLIST
	https://access.redhat.com/errata/RHSA-2019:1170	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:1190	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T02:27:41.221Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.7",
               },
               {
                  name: "94149",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/94149",
               },
               {
                  name: "RHSA-2018:1062",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:1062",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://eyalitkin.wordpress.com/2016/11/06/cve-publication-cve-2016-8633/",
               },
               {
                  name: "RHSA-2018:0676",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:0676",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1391490",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/667121ace9dbafb368618dbabcf07901c962ddac",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=667121ace9dbafb368618dbabcf07901c962ddac",
               },
               {
                  name: "[oss-security] 20161106 Re: [engineering.redhat.com #426293] CVE Request - firewire driver RCE - linux 4.8",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/11/06/1",
               },
               {
                  name: "RHSA-2019:1170",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2019:1170",
               },
               {
                  name: "RHSA-2019:1190",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2019:1190",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-11-06T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2019-05-14T22:06:08",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.7",
            },
            {
               name: "94149",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/94149",
            },
            {
               name: "RHSA-2018:1062",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:1062",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://eyalitkin.wordpress.com/2016/11/06/cve-publication-cve-2016-8633/",
            },
            {
               name: "RHSA-2018:0676",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:0676",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1391490",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/667121ace9dbafb368618dbabcf07901c962ddac",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=667121ace9dbafb368618dbabcf07901c962ddac",
            },
            {
               name: "[oss-security] 20161106 Re: [engineering.redhat.com #426293] CVE Request - firewire driver RCE - linux 4.8",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/11/06/1",
            },
            {
               name: "RHSA-2019:1170",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2019:1170",
            },
            {
               name: "RHSA-2019:1190",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2019:1190",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2016-8633",
      datePublished: "2016-11-28T03:01:00",
      dateReserved: "2016-10-12T00:00:00",
      dateUpdated: "2024-08-06T02:27:41.221Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-4482

Vulnerability from cvelistv5

Published

2016-05-23 10:00

Modified

2024-08-06 00:32

Severity ?

Summary

The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call.

References

▼	URL	Tags
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html	vendor-advisory, x_refsource_SUSE
	http://www.securityfocus.com/bid/90029	vdb-entry, x_refsource_BID
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html	vendor-advisory, x_refsource_SUSE
	https://bugzilla.redhat.com/show_bug.cgi?id=1332931	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3017-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3017-3	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3018-2	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3021-2	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3017-2	vendor-advisory, x_refsource_UBUNTU
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=681fef8380eb818c0b845fca5d2ab1dcbab114ee	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3019-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://www.debian.org/security/2016/dsa-3607	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-3016-2	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3016-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3021-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3018-1	vendor-advisory, x_refsource_UBUNTU
	http://www.openwall.com/lists/oss-security/2016/05/04/2	mailing-list, x_refsource_MLIST
	https://github.com/torvalds/linux/commit/681fef8380eb818c0b845fca5d2ab1dcbab114ee	x_refsource_CONFIRM
	http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184414.html	vendor-advisory, x_refsource_FEDORA
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3016-3	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3016-4	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3020-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T00:32:25.667Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "SUSE-SU-2016:1690",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html",
               },
               {
                  name: "90029",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/90029",
               },
               {
                  name: "SUSE-SU-2016:1696",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1332931",
               },
               {
                  name: "USN-3017-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3017-1",
               },
               {
                  name: "SUSE-SU-2016:1985",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
               },
               {
                  name: "USN-3017-3",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3017-3",
               },
               {
                  name: "openSUSE-SU-2016:2184",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
               },
               {
                  name: "USN-3018-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3018-2",
               },
               {
                  name: "USN-3021-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3021-2",
               },
               {
                  name: "USN-3017-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3017-2",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=681fef8380eb818c0b845fca5d2ab1dcbab114ee",
               },
               {
                  name: "USN-3019-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3019-1",
               },
               {
                  name: "openSUSE-SU-2016:1641",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html",
               },
               {
                  name: "DSA-3607",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2016/dsa-3607",
               },
               {
                  name: "USN-3016-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3016-2",
               },
               {
                  name: "USN-3016-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3016-1",
               },
               {
                  name: "SUSE-SU-2016:1672",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
               },
               {
                  name: "USN-3021-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3021-1",
               },
               {
                  name: "USN-3018-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3018-1",
               },
               {
                  name: "[oss-security] 20160503 CVE Request: information leak in devio of Linux kernel",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/05/04/2",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/681fef8380eb818c0b845fca5d2ab1dcbab114ee",
               },
               {
                  name: "FEDORA-2016-4ce97823af",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184414.html",
               },
               {
                  name: "SUSE-SU-2016:2105",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
               },
               {
                  name: "USN-3016-3",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3016-3",
               },
               {
                  name: "USN-3016-4",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3016-4",
               },
               {
                  name: "USN-3020-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3020-1",
               },
               {
                  name: "SUSE-SU-2016:1937",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-05-03T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2016-11-25T20:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "SUSE-SU-2016:1690",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html",
            },
            {
               name: "90029",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/90029",
            },
            {
               name: "SUSE-SU-2016:1696",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1332931",
            },
            {
               name: "USN-3017-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3017-1",
            },
            {
               name: "SUSE-SU-2016:1985",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
            },
            {
               name: "USN-3017-3",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3017-3",
            },
            {
               name: "openSUSE-SU-2016:2184",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
            },
            {
               name: "USN-3018-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3018-2",
            },
            {
               name: "USN-3021-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3021-2",
            },
            {
               name: "USN-3017-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3017-2",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=681fef8380eb818c0b845fca5d2ab1dcbab114ee",
            },
            {
               name: "USN-3019-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3019-1",
            },
            {
               name: "openSUSE-SU-2016:1641",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html",
            },
            {
               name: "DSA-3607",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2016/dsa-3607",
            },
            {
               name: "USN-3016-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3016-2",
            },
            {
               name: "USN-3016-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3016-1",
            },
            {
               name: "SUSE-SU-2016:1672",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
            },
            {
               name: "USN-3021-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3021-1",
            },
            {
               name: "USN-3018-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3018-1",
            },
            {
               name: "[oss-security] 20160503 CVE Request: information leak in devio of Linux kernel",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/05/04/2",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/681fef8380eb818c0b845fca5d2ab1dcbab114ee",
            },
            {
               name: "FEDORA-2016-4ce97823af",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184414.html",
            },
            {
               name: "SUSE-SU-2016:2105",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
            },
            {
               name: "USN-3016-3",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3016-3",
            },
            {
               name: "USN-3016-4",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3016-4",
            },
            {
               name: "USN-3020-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3020-1",
            },
            {
               name: "SUSE-SU-2016:1937",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2016-4482",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "SUSE-SU-2016:1690",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html",
                  },
                  {
                     name: "90029",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/90029",
                  },
                  {
                     name: "SUSE-SU-2016:1696",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1332931",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1332931",
                  },
                  {
                     name: "USN-3017-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3017-1",
                  },
                  {
                     name: "SUSE-SU-2016:1985",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
                  },
                  {
                     name: "USN-3017-3",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3017-3",
                  },
                  {
                     name: "openSUSE-SU-2016:2184",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
                  },
                  {
                     name: "USN-3018-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3018-2",
                  },
                  {
                     name: "USN-3021-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3021-2",
                  },
                  {
                     name: "USN-3017-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3017-2",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=681fef8380eb818c0b845fca5d2ab1dcbab114ee",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=681fef8380eb818c0b845fca5d2ab1dcbab114ee",
                  },
                  {
                     name: "USN-3019-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3019-1",
                  },
                  {
                     name: "openSUSE-SU-2016:1641",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html",
                  },
                  {
                     name: "DSA-3607",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2016/dsa-3607",
                  },
                  {
                     name: "USN-3016-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3016-2",
                  },
                  {
                     name: "USN-3016-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3016-1",
                  },
                  {
                     name: "SUSE-SU-2016:1672",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
                  },
                  {
                     name: "USN-3021-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3021-1",
                  },
                  {
                     name: "USN-3018-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3018-1",
                  },
                  {
                     name: "[oss-security] 20160503 CVE Request: information leak in devio of Linux kernel",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2016/05/04/2",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/681fef8380eb818c0b845fca5d2ab1dcbab114ee",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/681fef8380eb818c0b845fca5d2ab1dcbab114ee",
                  },
                  {
                     name: "FEDORA-2016-4ce97823af",
                     refsource: "FEDORA",
                     url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184414.html",
                  },
                  {
                     name: "SUSE-SU-2016:2105",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
                  },
                  {
                     name: "USN-3016-3",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3016-3",
                  },
                  {
                     name: "USN-3016-4",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3016-4",
                  },
                  {
                     name: "USN-3020-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3020-1",
                  },
                  {
                     name: "SUSE-SU-2016:1937",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2016-4482",
      datePublished: "2016-05-23T10:00:00",
      dateReserved: "2016-05-04T00:00:00",
      dateUpdated: "2024-08-06T00:32:25.667Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-2189

Vulnerability from cvelistv5

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-4565. Reason: This candidate is a reservation duplicate of CVE-2016-4565. Notes: All CVE users should reference CVE-2016-4565 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage

Show details on NVD website

JSON

To clipboard

{
   containers: {
      cna: {
         providerMetadata: {
            dateUpdated: "2016-05-17T14:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         rejectedReasons: [
            {
               lang: "en",
               value: "DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-2016-4565.  Reason: This candidate is a reservation duplicate of CVE-2016-4565.  Notes: All CVE users should reference CVE-2016-4565 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2016-2189",
      datePublished: "2016-05-17T15:00:00",
      dateRejected: "2016-05-17T14:57:01",
      dateReserved: "2016-01-29T00:00:00",
      dateUpdated: "2016-05-17T14:57:01",
      state: "REJECTED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.0",
}

cve-2012-6704

Vulnerability from cvelistv5

Published

2016-12-28 07:42

Modified

2024-08-06 21:36

Severity ?

Summary

The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUF or (2) SO_RCVBUF option.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/95135	vdb-entry, x_refsource_BID
	https://bugzilla.redhat.com/show_bug.cgi?id=1402024	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=82981930125abfd39d7c8378a9cfdf5e1be2002b	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2016/12/03/1	mailing-list, x_refsource_MLIST
	https://github.com/torvalds/linux/commit/82981930125abfd39d7c8378a9cfdf5e1be2002b	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T21:36:02.175Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "95135",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/95135",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1402024",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=82981930125abfd39d7c8378a9cfdf5e1be2002b",
               },
               {
                  name: "[oss-security] 20161202 Re: CVE Request: Linux: signed overflows for SO_{SND|RCV}BUFFORCE",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/12/03/1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/82981930125abfd39d7c8378a9cfdf5e1be2002b",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2012-04-26T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUF or (2) SO_RCVBUF option.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2016-12-29T10:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "95135",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/95135",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1402024",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=82981930125abfd39d7c8378a9cfdf5e1be2002b",
            },
            {
               name: "[oss-security] 20161202 Re: CVE Request: Linux: signed overflows for SO_{SND|RCV}BUFFORCE",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/12/03/1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/82981930125abfd39d7c8378a9cfdf5e1be2002b",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2012-6704",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUF or (2) SO_RCVBUF option.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "95135",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/95135",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1402024",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1402024",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=82981930125abfd39d7c8378a9cfdf5e1be2002b",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=82981930125abfd39d7c8378a9cfdf5e1be2002b",
                  },
                  {
                     name: "[oss-security] 20161202 Re: CVE Request: Linux: signed overflows for SO_{SND|RCV}BUFFORCE",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2016/12/03/1",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/82981930125abfd39d7c8378a9cfdf5e1be2002b",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/82981930125abfd39d7c8378a9cfdf5e1be2002b",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2012-6704",
      datePublished: "2016-12-28T07:42:00",
      dateReserved: "2016-12-02T00:00:00",
      dateUpdated: "2024-08-06T21:36:02.175Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-0823

Vulnerability from cvelistv5

Published

2016-03-12 21:00

Modified

2024-08-05 22:30

Severity ?

Summary

The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel before 3.19.3, as used in Android 6.0.1 before 2016-03-01, allows local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/84265	vdb-entry, x_refsource_BID
	http://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html	x_refsource_MISC
	http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.3	x_refsource_CONFIRM
	http://source.android.com/security/bulletin/2016-03-01.html	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ab676b7d6fbf4b294bf198fb27ade5b0e865c7ce	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/ab676b7d6fbf4b294bf198fb27ade5b0e865c7ce	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T22:30:05.021Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "84265",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/84265",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.3",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://source.android.com/security/bulletin/2016-03-01.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ab676b7d6fbf4b294bf198fb27ade5b0e865c7ce",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/ab676b7d6fbf4b294bf198fb27ade5b0e865c7ce",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2015-03-26T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel before 3.19.3, as used in Android 6.0.1 before 2016-03-01, allows local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2016-11-25T19:57:01",
            orgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
            shortName: "google_android",
         },
         references: [
            {
               name: "84265",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/84265",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.3",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://source.android.com/security/bulletin/2016-03-01.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ab676b7d6fbf4b294bf198fb27ade5b0e865c7ce",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/ab676b7d6fbf4b294bf198fb27ade5b0e865c7ce",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@android.com",
               ID: "CVE-2016-0823",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel before 3.19.3, as used in Android 6.0.1 before 2016-03-01, allows local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "84265",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/84265",
                  },
                  {
                     name: "http://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html",
                     refsource: "MISC",
                     url: "http://googleprojectzero.blogspot.com/2015/03/exploiting-dram-rowhammer-bug-to-gain.html",
                  },
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.3",
                     refsource: "CONFIRM",
                     url: "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.19.3",
                  },
                  {
                     name: "http://source.android.com/security/bulletin/2016-03-01.html",
                     refsource: "CONFIRM",
                     url: "http://source.android.com/security/bulletin/2016-03-01.html",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ab676b7d6fbf4b294bf198fb27ade5b0e865c7ce",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ab676b7d6fbf4b294bf198fb27ade5b0e865c7ce",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/ab676b7d6fbf4b294bf198fb27ade5b0e865c7ce",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/ab676b7d6fbf4b294bf198fb27ade5b0e865c7ce",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
      assignerShortName: "google_android",
      cveId: "CVE-2016-0823",
      datePublished: "2016-03-12T21:00:00",
      dateReserved: "2015-12-16T00:00:00",
      dateUpdated: "2024-08-05T22:30:05.021Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-10088

Vulnerability from cvelistv5

Published

2016-12-30 18:00

Modified

2024-08-06 03:07

Severity ?

Summary

The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1037538	vdb-entry, x_refsource_SECTRACK
	https://access.redhat.com/errata/RHSA-2017:2669	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/95169	vdb-entry, x_refsource_BID
	http://rhn.redhat.com/errata/RHSA-2017-0817.html	vendor-advisory, x_refsource_REDHAT
	http://www.openwall.com/lists/oss-security/2016/12/30/1	mailing-list, x_refsource_MLIST
	https://access.redhat.com/errata/RHSA-2017:2077	vendor-advisory, x_refsource_REDHAT
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=128394eff343fc6d2f32172f03e24829539c5835	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:1842	vendor-advisory, x_refsource_REDHAT
	https://github.com/torvalds/linux/commit/128394eff343fc6d2f32172f03e24829539c5835	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T03:07:32.095Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "1037538",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1037538",
               },
               {
                  name: "RHSA-2017:2669",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2669",
               },
               {
                  name: "95169",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/95169",
               },
               {
                  name: "RHSA-2017:0817",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0817.html",
               },
               {
                  name: "[oss-security] 20161230 Re: Linux Kernel use-after-free in SCSI generic device interface",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/12/30/1",
               },
               {
                  name: "RHSA-2017:2077",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2077",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=128394eff343fc6d2f32172f03e24829539c5835",
               },
               {
                  name: "RHSA-2017:1842",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1842",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/128394eff343fc6d2f32172f03e24829539c5835",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-12-30T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "79363d38-fa19-49d1-9214-5f28da3f3ac5",
            shortName: "debian",
         },
         references: [
            {
               name: "1037538",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1037538",
            },
            {
               name: "RHSA-2017:2669",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2669",
            },
            {
               name: "95169",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/95169",
            },
            {
               name: "RHSA-2017:0817",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0817.html",
            },
            {
               name: "[oss-security] 20161230 Re: Linux Kernel use-after-free in SCSI generic device interface",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/12/30/1",
            },
            {
               name: "RHSA-2017:2077",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2077",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=128394eff343fc6d2f32172f03e24829539c5835",
            },
            {
               name: "RHSA-2017:1842",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1842",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/128394eff343fc6d2f32172f03e24829539c5835",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@debian.org",
               ID: "CVE-2016-10088",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c.  NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "1037538",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1037538",
                  },
                  {
                     name: "RHSA-2017:2669",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2669",
                  },
                  {
                     name: "95169",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/95169",
                  },
                  {
                     name: "RHSA-2017:0817",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0817.html",
                  },
                  {
                     name: "[oss-security] 20161230 Re: Linux Kernel use-after-free in SCSI generic device interface",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2016/12/30/1",
                  },
                  {
                     name: "RHSA-2017:2077",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2077",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=128394eff343fc6d2f32172f03e24829539c5835",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=128394eff343fc6d2f32172f03e24829539c5835",
                  },
                  {
                     name: "RHSA-2017:1842",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1842",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/128394eff343fc6d2f32172f03e24829539c5835",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/128394eff343fc6d2f32172f03e24829539c5835",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "79363d38-fa19-49d1-9214-5f28da3f3ac5",
      assignerShortName: "debian",
      cveId: "CVE-2016-10088",
      datePublished: "2016-12-30T18:00:00",
      dateReserved: "2016-12-30T00:00:00",
      dateUpdated: "2024-08-06T03:07:32.095Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-4569

Vulnerability from cvelistv5

Published

2016-05-23 10:00

Modified

2024-08-06 00:32

Severity ?

Summary

The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface.

References

▼	URL	Tags
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3017-1	vendor-advisory, x_refsource_UBUNTU
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cec8f96e49d9be372fdb0c3836dcf31ec71e457e	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html	vendor-advisory, x_refsource_SUSE
	http://www.openwall.com/lists/oss-security/2016/05/09/17	mailing-list, x_refsource_MLIST
	http://www.ubuntu.com/usn/USN-3017-3	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3018-2	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3021-2	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3017-2	vendor-advisory, x_refsource_UBUNTU
	http://rhn.redhat.com/errata/RHSA-2016-2584.html	vendor-advisory, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=1334643	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2016-2574.html	vendor-advisory, x_refsource_REDHAT
	http://www.ubuntu.com/usn/USN-3019-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html	vendor-advisory, x_refsource_SUSE
	https://github.com/torvalds/linux/commit/cec8f96e49d9be372fdb0c3836dcf31ec71e457e	x_refsource_CONFIRM
	http://www.debian.org/security/2016/dsa-3607	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-3016-2	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3016-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3021-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3018-1	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/90347	vdb-entry, x_refsource_BID
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3016-3	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3016-4	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3020-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T00:32:26.040Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "SUSE-SU-2016:1690",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html",
               },
               {
                  name: "SUSE-SU-2016:1696",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html",
               },
               {
                  name: "USN-3017-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3017-1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cec8f96e49d9be372fdb0c3836dcf31ec71e457e",
               },
               {
                  name: "SUSE-SU-2016:1985",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
               },
               {
                  name: "[oss-security] 20160509 Re: CVE Request: kernel information leak vulnerability in Linux sound module",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/05/09/17",
               },
               {
                  name: "USN-3017-3",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3017-3",
               },
               {
                  name: "openSUSE-SU-2016:2184",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
               },
               {
                  name: "USN-3018-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3018-2",
               },
               {
                  name: "USN-3021-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3021-2",
               },
               {
                  name: "USN-3017-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3017-2",
               },
               {
                  name: "RHSA-2016:2584",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2584.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1334643",
               },
               {
                  name: "RHSA-2016:2574",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2574.html",
               },
               {
                  name: "USN-3019-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3019-1",
               },
               {
                  name: "openSUSE-SU-2016:1641",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/cec8f96e49d9be372fdb0c3836dcf31ec71e457e",
               },
               {
                  name: "DSA-3607",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2016/dsa-3607",
               },
               {
                  name: "USN-3016-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3016-2",
               },
               {
                  name: "USN-3016-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3016-1",
               },
               {
                  name: "SUSE-SU-2016:1672",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
               },
               {
                  name: "USN-3021-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3021-1",
               },
               {
                  name: "USN-3018-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3018-1",
               },
               {
                  name: "90347",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/90347",
               },
               {
                  name: "SUSE-SU-2016:2105",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
               },
               {
                  name: "USN-3016-3",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3016-3",
               },
               {
                  name: "USN-3016-4",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3016-4",
               },
               {
                  name: "USN-3020-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3020-1",
               },
               {
                  name: "SUSE-SU-2016:1937",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-05-09T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "SUSE-SU-2016:1690",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html",
            },
            {
               name: "SUSE-SU-2016:1696",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html",
            },
            {
               name: "USN-3017-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3017-1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cec8f96e49d9be372fdb0c3836dcf31ec71e457e",
            },
            {
               name: "SUSE-SU-2016:1985",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
            },
            {
               name: "[oss-security] 20160509 Re: CVE Request: kernel information leak vulnerability in Linux sound module",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/05/09/17",
            },
            {
               name: "USN-3017-3",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3017-3",
            },
            {
               name: "openSUSE-SU-2016:2184",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
            },
            {
               name: "USN-3018-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3018-2",
            },
            {
               name: "USN-3021-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3021-2",
            },
            {
               name: "USN-3017-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3017-2",
            },
            {
               name: "RHSA-2016:2584",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2584.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1334643",
            },
            {
               name: "RHSA-2016:2574",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2574.html",
            },
            {
               name: "USN-3019-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3019-1",
            },
            {
               name: "openSUSE-SU-2016:1641",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/cec8f96e49d9be372fdb0c3836dcf31ec71e457e",
            },
            {
               name: "DSA-3607",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2016/dsa-3607",
            },
            {
               name: "USN-3016-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3016-2",
            },
            {
               name: "USN-3016-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3016-1",
            },
            {
               name: "SUSE-SU-2016:1672",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
            },
            {
               name: "USN-3021-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3021-1",
            },
            {
               name: "USN-3018-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3018-1",
            },
            {
               name: "90347",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/90347",
            },
            {
               name: "SUSE-SU-2016:2105",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
            },
            {
               name: "USN-3016-3",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3016-3",
            },
            {
               name: "USN-3016-4",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3016-4",
            },
            {
               name: "USN-3020-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3020-1",
            },
            {
               name: "SUSE-SU-2016:1937",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2016-4569",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "SUSE-SU-2016:1690",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html",
                  },
                  {
                     name: "SUSE-SU-2016:1696",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00056.html",
                  },
                  {
                     name: "USN-3017-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3017-1",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cec8f96e49d9be372fdb0c3836dcf31ec71e457e",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cec8f96e49d9be372fdb0c3836dcf31ec71e457e",
                  },
                  {
                     name: "SUSE-SU-2016:1985",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
                  },
                  {
                     name: "[oss-security] 20160509 Re: CVE Request: kernel information leak vulnerability in Linux sound module",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2016/05/09/17",
                  },
                  {
                     name: "USN-3017-3",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3017-3",
                  },
                  {
                     name: "openSUSE-SU-2016:2184",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
                  },
                  {
                     name: "USN-3018-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3018-2",
                  },
                  {
                     name: "USN-3021-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3021-2",
                  },
                  {
                     name: "USN-3017-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3017-2",
                  },
                  {
                     name: "RHSA-2016:2584",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2016-2584.html",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1334643",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1334643",
                  },
                  {
                     name: "RHSA-2016:2574",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2016-2574.html",
                  },
                  {
                     name: "USN-3019-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3019-1",
                  },
                  {
                     name: "openSUSE-SU-2016:1641",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/cec8f96e49d9be372fdb0c3836dcf31ec71e457e",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/cec8f96e49d9be372fdb0c3836dcf31ec71e457e",
                  },
                  {
                     name: "DSA-3607",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2016/dsa-3607",
                  },
                  {
                     name: "USN-3016-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3016-2",
                  },
                  {
                     name: "USN-3016-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3016-1",
                  },
                  {
                     name: "SUSE-SU-2016:1672",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
                  },
                  {
                     name: "USN-3021-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3021-1",
                  },
                  {
                     name: "USN-3018-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3018-1",
                  },
                  {
                     name: "90347",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/90347",
                  },
                  {
                     name: "SUSE-SU-2016:2105",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
                  },
                  {
                     name: "USN-3016-3",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3016-3",
                  },
                  {
                     name: "USN-3016-4",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3016-4",
                  },
                  {
                     name: "USN-3020-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3020-1",
                  },
                  {
                     name: "SUSE-SU-2016:1937",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2016-4569",
      datePublished: "2016-05-23T10:00:00",
      dateReserved: "2016-05-09T00:00:00",
      dateUpdated: "2024-08-06T00:32:26.040Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-8646

Vulnerability from cvelistv5

Published

2016-11-28 03:01

Modified

2024-08-06 02:27

Severity ?

Summary

The hash_accept function in crypto/algif_hash.c in the Linux kernel before 4.3.6 allows local users to cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data.

References

▼	URL	Tags
	https://bugzilla.redhat.com/show_bug.cgi?id=1388821	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:1308	vendor-advisory, x_refsource_REDHAT
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4afa5f9617927453ac04b24b584f6c718dfb4f45	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/94309	vdb-entry, x_refsource_BID
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.6	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/4afa5f9617927453ac04b24b584f6c718dfb4f45	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:1298	vendor-advisory, x_refsource_REDHAT
	http://www.openwall.com/lists/oss-security/2016/11/15/2	mailing-list, x_refsource_MLIST
	https://access.redhat.com/errata/RHSA-2017:1297	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T02:27:41.245Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1388821",
               },
               {
                  name: "RHSA-2017:1308",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1308",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4afa5f9617927453ac04b24b584f6c718dfb4f45",
               },
               {
                  name: "94309",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/94309",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.6",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/4afa5f9617927453ac04b24b584f6c718dfb4f45",
               },
               {
                  name: "RHSA-2017:1298",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1298",
               },
               {
                  name: "[oss-security] 20161115 CVE-2016-8646: linux kernel - oops in shash_async_export()",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/11/15/2",
               },
               {
                  name: "RHSA-2017:1297",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1297",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-02-19T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The hash_accept function in crypto/algif_hash.c in the Linux kernel before 4.3.6 allows local users to cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1388821",
            },
            {
               name: "RHSA-2017:1308",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1308",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4afa5f9617927453ac04b24b584f6c718dfb4f45",
            },
            {
               name: "94309",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/94309",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.6",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/4afa5f9617927453ac04b24b584f6c718dfb4f45",
            },
            {
               name: "RHSA-2017:1298",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1298",
            },
            {
               name: "[oss-security] 20161115 CVE-2016-8646: linux kernel - oops in shash_async_export()",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/11/15/2",
            },
            {
               name: "RHSA-2017:1297",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1297",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2016-8646",
      datePublished: "2016-11-28T03:01:00",
      dateReserved: "2016-10-12T00:00:00",
      dateUpdated: "2024-08-06T02:27:41.245Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-9756

Vulnerability from cvelistv5

Published

2016-12-28 07:42

Modified

2024-08-06 02:59

Severity ?

Summary

arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not properly initialize Code Segment (CS) in certain error cases, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

References

▼	URL	Tags
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.12	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2016/12/01/1	mailing-list, x_refsource_MLIST
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2117d5398c81554fbf803f5fd1dc55eb78216c0c	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/94615	vdb-entry, x_refsource_BID
	https://bugzilla.redhat.com/show_bug.cgi?id=1400468	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00000.html	vendor-advisory, x_refsource_SUSE
	https://github.com/torvalds/linux/commit/2117d5398c81554fbf803f5fd1dc55eb78216c0c	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T02:59:03.389Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.12",
               },
               {
                  name: "[oss-security] 20161201 CVE request: Kernel: kvm: stack memory information leakage",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/12/01/1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2117d5398c81554fbf803f5fd1dc55eb78216c0c",
               },
               {
                  name: "94615",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/94615",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1400468",
               },
               {
                  name: "openSUSE-SU-2017:0002",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00000.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/2117d5398c81554fbf803f5fd1dc55eb78216c0c",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-12-01T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not properly initialize Code Segment (CS) in certain error cases, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-01-04T14:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.12",
            },
            {
               name: "[oss-security] 20161201 CVE request: Kernel: kvm: stack memory information leakage",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/12/01/1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2117d5398c81554fbf803f5fd1dc55eb78216c0c",
            },
            {
               name: "94615",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/94615",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1400468",
            },
            {
               name: "openSUSE-SU-2017:0002",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00000.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/2117d5398c81554fbf803f5fd1dc55eb78216c0c",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2016-9756",
      datePublished: "2016-12-28T07:42:00",
      dateReserved: "2016-12-01T00:00:00",
      dateUpdated: "2024-08-06T02:59:03.389Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2015-1350

Vulnerability from cvelistv5

Published

2016-05-02 10:00

Modified

2024-08-06 04:40

Severity ?

Summary

The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program.

References

▼	URL	Tags
	https://bugzilla.redhat.com/show_bug.cgi?id=1185139	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/76075	vdb-entry, x_refsource_BID
	http://marc.info/?l=linux-kernel&m=142153722930533&w=2	mailing-list, x_refsource_MLIST
	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770492	x_refsource_MISC
	http://www.openwall.com/lists/oss-security/2015/01/24/5	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T04:40:18.594Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1185139",
               },
               {
                  name: "76075",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/76075",
               },
               {
                  name: "[linux-kernel] 20150117 [RFC PATCH RESEND] vfs: Move security_inode_killpriv() after permission checks",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=linux-kernel&m=142153722930533&w=2",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770492",
               },
               {
                  name: "[oss-security] 20150124 Re: CVE Request: Linux kernel - Denial of service in notify_change for xattrs.",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2015/01/24/5",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2015-01-17T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-02-01T10:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1185139",
            },
            {
               name: "76075",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/76075",
            },
            {
               name: "[linux-kernel] 20150117 [RFC PATCH RESEND] vfs: Move security_inode_killpriv() after permission checks",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://marc.info/?l=linux-kernel&m=142153722930533&w=2",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770492",
            },
            {
               name: "[oss-security] 20150124 Re: CVE Request: Linux kernel - Denial of service in notify_change for xattrs.",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2015/01/24/5",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2015-1350",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1185139",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1185139",
                  },
                  {
                     name: "76075",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/76075",
                  },
                  {
                     name: "[linux-kernel] 20150117 [RFC PATCH RESEND] vfs: Move security_inode_killpriv() after permission checks",
                     refsource: "MLIST",
                     url: "http://marc.info/?l=linux-kernel&m=142153722930533&w=2",
                  },
                  {
                     name: "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770492",
                     refsource: "MISC",
                     url: "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770492",
                  },
                  {
                     name: "[oss-security] 20150124 Re: CVE Request: Linux kernel - Denial of service in notify_change for xattrs.",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2015/01/24/5",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2015-1350",
      datePublished: "2016-05-02T10:00:00",
      dateReserved: "2015-01-24T00:00:00",
      dateUpdated: "2024-08-06T04:40:18.594Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-6480

Vulnerability from cvelistv5

Published

2016-08-06 20:00

Modified

2024-08-06 01:29

Severity ?

Summary

Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a "double fetch" vulnerability.

References

▼	URL	Tags
	https://bugzilla.redhat.com/show_bug.cgi?id=1362466	x_refsource_CONFIRM
	http://www.securityfocus.com/archive/1/539074/30/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00053.html	vendor-advisory, x_refsource_SUSE
	http://www.securityfocus.com/bid/92214	vdb-entry, x_refsource_BID
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00048.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00001.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2016-2584.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2016-2574.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2017-0817.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00054.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00051.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00049.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00050.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00052.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T01:29:20.132Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1362466",
               },
               {
                  name: "20160801 [CVE-2016-6480] Double-Fetch Vulnerability in Linux-4.5/drivers/scsi/aacraid/commctrl.c",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/archive/1/539074/30/0/threaded",
               },
               {
                  name: "SUSE-SU-2016:2180",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00053.html",
               },
               {
                  name: "92214",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/92214",
               },
               {
                  name: "SUSE-SU-2016:2174",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00048.html",
               },
               {
                  name: "SUSE-SU-2016:2230",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00001.html",
               },
               {
                  name: "RHSA-2016:2584",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2584.html",
               },
               {
                  name: "RHSA-2016:2574",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2574.html",
               },
               {
                  name: "RHSA-2017:0817",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0817.html",
               },
               {
                  name: "SUSE-SU-2016:2181",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00054.html",
               },
               {
                  name: "SUSE-SU-2016:2178",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00051.html",
               },
               {
                  name: "SUSE-SU-2016:2175",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00049.html",
               },
               {
                  name: "SUSE-SU-2016:2177",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00050.html",
               },
               {
                  name: "SUSE-SU-2016:2179",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00052.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-04-27T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a \"double fetch\" vulnerability.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1362466",
            },
            {
               name: "20160801 [CVE-2016-6480] Double-Fetch Vulnerability in Linux-4.5/drivers/scsi/aacraid/commctrl.c",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://www.securityfocus.com/archive/1/539074/30/0/threaded",
            },
            {
               name: "SUSE-SU-2016:2180",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00053.html",
            },
            {
               name: "92214",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/92214",
            },
            {
               name: "SUSE-SU-2016:2174",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00048.html",
            },
            {
               name: "SUSE-SU-2016:2230",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00001.html",
            },
            {
               name: "RHSA-2016:2584",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2584.html",
            },
            {
               name: "RHSA-2016:2574",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2574.html",
            },
            {
               name: "RHSA-2017:0817",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0817.html",
            },
            {
               name: "SUSE-SU-2016:2181",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00054.html",
            },
            {
               name: "SUSE-SU-2016:2178",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00051.html",
            },
            {
               name: "SUSE-SU-2016:2175",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00049.html",
            },
            {
               name: "SUSE-SU-2016:2177",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00050.html",
            },
            {
               name: "SUSE-SU-2016:2179",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00052.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2016-6480",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Race condition in the ioctl_send_fib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (out-of-bounds access or system crash) by changing a certain size value, aka a \"double fetch\" vulnerability.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1362466",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1362466",
                  },
                  {
                     name: "20160801 [CVE-2016-6480] Double-Fetch Vulnerability in Linux-4.5/drivers/scsi/aacraid/commctrl.c",
                     refsource: "BUGTRAQ",
                     url: "http://www.securityfocus.com/archive/1/539074/30/0/threaded",
                  },
                  {
                     name: "SUSE-SU-2016:2180",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00053.html",
                  },
                  {
                     name: "92214",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/92214",
                  },
                  {
                     name: "SUSE-SU-2016:2174",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00048.html",
                  },
                  {
                     name: "SUSE-SU-2016:2230",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00001.html",
                  },
                  {
                     name: "RHSA-2016:2584",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2016-2584.html",
                  },
                  {
                     name: "RHSA-2016:2574",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2016-2574.html",
                  },
                  {
                     name: "RHSA-2017:0817",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0817.html",
                  },
                  {
                     name: "SUSE-SU-2016:2181",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00054.html",
                  },
                  {
                     name: "SUSE-SU-2016:2178",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00051.html",
                  },
                  {
                     name: "SUSE-SU-2016:2175",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00049.html",
                  },
                  {
                     name: "SUSE-SU-2016:2177",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00050.html",
                  },
                  {
                     name: "SUSE-SU-2016:2179",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00052.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2016-6480",
      datePublished: "2016-08-06T20:00:00",
      dateReserved: "2016-07-26T00:00:00",
      dateUpdated: "2024-08-06T01:29:20.132Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2015-8962

Vulnerability from cvelistv5

Published

2016-11-16 04:49

Modified

2024-08-06 08:36

Severity ?

Summary

Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call.

References

▼	URL	Tags
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f3951a3709ff50990bf3e188c27d346792103432	x_refsource_CONFIRM
	https://source.android.com/security/bulletin/2016-11-01.html	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/f3951a3709ff50990bf3e188c27d346792103432	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/94187	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T08:36:30.694Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f3951a3709ff50990bf3e188c27d346792103432",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2016-11-01.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/f3951a3709ff50990bf3e188c27d346792103432",
               },
               {
                  name: "94187",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/94187",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-04-27T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-01-12T20:57:01",
            orgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
            shortName: "google_android",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f3951a3709ff50990bf3e188c27d346792103432",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2016-11-01.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/f3951a3709ff50990bf3e188c27d346792103432",
            },
            {
               name: "94187",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/94187",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@android.com",
               ID: "CVE-2015-8962",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f3951a3709ff50990bf3e188c27d346792103432",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f3951a3709ff50990bf3e188c27d346792103432",
                  },
                  {
                     name: "https://source.android.com/security/bulletin/2016-11-01.html",
                     refsource: "CONFIRM",
                     url: "https://source.android.com/security/bulletin/2016-11-01.html",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/f3951a3709ff50990bf3e188c27d346792103432",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/f3951a3709ff50990bf3e188c27d346792103432",
                  },
                  {
                     name: "94187",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/94187",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
      assignerShortName: "google_android",
      cveId: "CVE-2015-8962",
      datePublished: "2016-11-16T04:49:00",
      dateReserved: "2016-10-03T00:00:00",
      dateUpdated: "2024-08-06T08:36:30.694Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-5829

Vulnerability from cvelistv5

Published

2016-06-27 10:00

Modified

2024-08-06 01:15

Severity ?

Summary

Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call.

References

▼	URL	Tags
	http://www.ubuntu.com/usn/USN-3070-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00053.html	vendor-advisory, x_refsource_SUSE
	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html	vendor-advisory, x_refsource_SUSE
	http://www.securityfocus.com/bid/91450	vdb-entry, x_refsource_BID
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00048.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2016-2584.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2016-2574.html	vendor-advisory, x_refsource_REDHAT
	http://www.ubuntu.com/usn/USN-3070-3	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html	vendor-advisory, x_refsource_SUSE
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=93a2001bdfd5376c3dc2158653034c20392d15c5	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2016-2006.html	vendor-advisory, x_refsource_REDHAT
	http://www.ubuntu.com/usn/USN-3070-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00054.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00051.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3071-1	vendor-advisory, x_refsource_UBUNTU
	http://www.debian.org/security/2016/dsa-3616	vendor-advisory, x_refsource_DEBIAN
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00049.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3070-4	vendor-advisory, x_refsource_UBUNTU
	http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00050.html	vendor-advisory, x_refsource_SUSE
	https://github.com/torvalds/linux/commit/93a2001bdfd5376c3dc2158653034c20392d15c5	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://www.openwall.com/lists/oss-security/2016/06/26/2	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3072-2	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3072-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3071-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T01:15:10.765Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "USN-3070-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3070-1",
               },
               {
                  name: "SUSE-SU-2016:2180",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00053.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html",
               },
               {
                  name: "SUSE-SU-2016:1985",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
               },
               {
                  name: "openSUSE-SU-2016:2184",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
               },
               {
                  name: "91450",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/91450",
               },
               {
                  name: "SUSE-SU-2016:2174",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00048.html",
               },
               {
                  name: "RHSA-2016:2584",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2584.html",
               },
               {
                  name: "RHSA-2016:2574",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2574.html",
               },
               {
                  name: "USN-3070-3",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3070-3",
               },
               {
                  name: "SUSE-SU-2016:2018",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=93a2001bdfd5376c3dc2158653034c20392d15c5",
               },
               {
                  name: "RHSA-2016:2006",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2006.html",
               },
               {
                  name: "USN-3070-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3070-2",
               },
               {
                  name: "SUSE-SU-2016:2181",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00054.html",
               },
               {
                  name: "SUSE-SU-2016:2178",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00051.html",
               },
               {
                  name: "USN-3071-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3071-1",
               },
               {
                  name: "DSA-3616",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2016/dsa-3616",
               },
               {
                  name: "SUSE-SU-2016:2175",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00049.html",
               },
               {
                  name: "USN-3070-4",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3070-4",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html",
               },
               {
                  name: "SUSE-SU-2016:2177",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00050.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/93a2001bdfd5376c3dc2158653034c20392d15c5",
               },
               {
                  name: "SUSE-SU-2016:2179",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00052.html",
               },
               {
                  name: "[oss-security] 20160626 Re: CVE Request: Linux kernel HID: hiddev buffer overflows",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/06/26/2",
               },
               {
                  name: "SUSE-SU-2016:2105",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
               },
               {
                  name: "USN-3072-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3072-2",
               },
               {
                  name: "USN-3072-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3072-1",
               },
               {
                  name: "USN-3071-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3071-2",
               },
               {
                  name: "SUSE-SU-2016:1937",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-06-24T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "USN-3070-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3070-1",
            },
            {
               name: "SUSE-SU-2016:2180",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00053.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html",
            },
            {
               name: "SUSE-SU-2016:1985",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
            },
            {
               name: "openSUSE-SU-2016:2184",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
            },
            {
               name: "91450",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/91450",
            },
            {
               name: "SUSE-SU-2016:2174",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00048.html",
            },
            {
               name: "RHSA-2016:2584",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2584.html",
            },
            {
               name: "RHSA-2016:2574",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2574.html",
            },
            {
               name: "USN-3070-3",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3070-3",
            },
            {
               name: "SUSE-SU-2016:2018",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=93a2001bdfd5376c3dc2158653034c20392d15c5",
            },
            {
               name: "RHSA-2016:2006",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2006.html",
            },
            {
               name: "USN-3070-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3070-2",
            },
            {
               name: "SUSE-SU-2016:2181",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00054.html",
            },
            {
               name: "SUSE-SU-2016:2178",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00051.html",
            },
            {
               name: "USN-3071-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3071-1",
            },
            {
               name: "DSA-3616",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2016/dsa-3616",
            },
            {
               name: "SUSE-SU-2016:2175",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00049.html",
            },
            {
               name: "USN-3070-4",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3070-4",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html",
            },
            {
               name: "SUSE-SU-2016:2177",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00050.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/93a2001bdfd5376c3dc2158653034c20392d15c5",
            },
            {
               name: "SUSE-SU-2016:2179",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00052.html",
            },
            {
               name: "[oss-security] 20160626 Re: CVE Request: Linux kernel HID: hiddev buffer overflows",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/06/26/2",
            },
            {
               name: "SUSE-SU-2016:2105",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
            },
            {
               name: "USN-3072-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3072-2",
            },
            {
               name: "USN-3072-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3072-1",
            },
            {
               name: "USN-3071-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3071-2",
            },
            {
               name: "SUSE-SU-2016:1937",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2016-5829",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "USN-3070-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3070-1",
                  },
                  {
                     name: "SUSE-SU-2016:2180",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00053.html",
                  },
                  {
                     name: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html",
                     refsource: "CONFIRM",
                     url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html",
                  },
                  {
                     name: "SUSE-SU-2016:1985",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
                  },
                  {
                     name: "openSUSE-SU-2016:2184",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
                  },
                  {
                     name: "91450",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/91450",
                  },
                  {
                     name: "SUSE-SU-2016:2174",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00048.html",
                  },
                  {
                     name: "RHSA-2016:2584",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2016-2584.html",
                  },
                  {
                     name: "RHSA-2016:2574",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2016-2574.html",
                  },
                  {
                     name: "USN-3070-3",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3070-3",
                  },
                  {
                     name: "SUSE-SU-2016:2018",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=93a2001bdfd5376c3dc2158653034c20392d15c5",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=93a2001bdfd5376c3dc2158653034c20392d15c5",
                  },
                  {
                     name: "RHSA-2016:2006",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2016-2006.html",
                  },
                  {
                     name: "USN-3070-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3070-2",
                  },
                  {
                     name: "SUSE-SU-2016:2181",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00054.html",
                  },
                  {
                     name: "SUSE-SU-2016:2178",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00051.html",
                  },
                  {
                     name: "USN-3071-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3071-1",
                  },
                  {
                     name: "DSA-3616",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2016/dsa-3616",
                  },
                  {
                     name: "SUSE-SU-2016:2175",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00049.html",
                  },
                  {
                     name: "USN-3070-4",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3070-4",
                  },
                  {
                     name: "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html",
                     refsource: "CONFIRM",
                     url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html",
                  },
                  {
                     name: "SUSE-SU-2016:2177",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00050.html",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/93a2001bdfd5376c3dc2158653034c20392d15c5",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/93a2001bdfd5376c3dc2158653034c20392d15c5",
                  },
                  {
                     name: "SUSE-SU-2016:2179",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00052.html",
                  },
                  {
                     name: "[oss-security] 20160626 Re: CVE Request: Linux kernel HID: hiddev buffer overflows",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2016/06/26/2",
                  },
                  {
                     name: "SUSE-SU-2016:2105",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
                  },
                  {
                     name: "USN-3072-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3072-2",
                  },
                  {
                     name: "USN-3072-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3072-1",
                  },
                  {
                     name: "USN-3071-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3071-2",
                  },
                  {
                     name: "SUSE-SU-2016:1937",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2016-5829",
      datePublished: "2016-06-27T10:00:00",
      dateReserved: "2016-06-23T00:00:00",
      dateUpdated: "2024-08-06T01:15:10.765Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2004-0230

Vulnerability from cvelistv5

Published

2004-05-05 04:00

Modified

2024-08-08 00:10

Severity ?

Summary

TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.

References

▼	URL	Tags
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689	vdb-entry, signature, x_refsource_OVAL
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508	vdb-entry, signature, x_refsource_OVAL
	http://www.us-cert.gov/cas/techalerts/TA04-111A.html	third-party-advisory, x_refsource_CERT
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711	vdb-entry, signature, x_refsource_OVAL
	http://marc.info/?l=bugtraq&m=108302060014745&w=2	mailing-list, x_refsource_BUGTRAQ
	http://www.securityfocus.com/archive/1/449179/100/0/threaded	vendor-advisory, x_refsource_HP
	http://www.uniras.gov.uk/vuls/2004/236929/index.htm	x_refsource_MISC
	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064	vendor-advisory, x_refsource_MS
	http://secunia.com/advisories/11440	third-party-advisory, x_refsource_SECUNIA
	http://kb.juniper.net/JSA10638	x_refsource_CONFIRM
	https://kc.mcafee.com/corporate/index?page=content&id=SB10053	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html	x_refsource_CONFIRM
	http://www.kb.cert.org/vuls/id/415294	third-party-advisory, x_refsource_CERT-VN
	http://marc.info/?l=bugtraq&m=108506952116653&w=2	vendor-advisory, x_refsource_HP
	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt	vendor-advisory, x_refsource_SCO
	ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc	vendor-advisory, x_refsource_SGI
	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019	vendor-advisory, x_refsource_MS
	http://www.securityfocus.com/archive/1/449179/100/0/threaded	vendor-advisory, x_refsource_HP
	http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml	vendor-advisory, x_refsource_CISCO
	ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt	vendor-advisory, x_refsource_SCO
	http://www.securityfocus.com/bid/10183	vdb-entry, x_refsource_BID
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791	vdb-entry, signature, x_refsource_OVAL
	ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt	vendor-advisory, x_refsource_SCO
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270	vdb-entry, signature, x_refsource_OVAL
	https://exchange.xforce.ibmcloud.com/vulnerabilities/15886	vdb-entry, x_refsource_XF
	http://www.osvdb.org/4030	vdb-entry, x_refsource_OSVDB
	http://secunia.com/advisories/22341	third-party-advisory, x_refsource_SECUNIA
	ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc	vendor-advisory, x_refsource_NETBSD
	http://www.vupen.com/english/advisories/2006/3983	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/11458	third-party-advisory, x_refsource_SECUNIA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-08T00:10:03.682Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "oval:org.mitre.oval:def:2689",
                  tags: [
                     "vdb-entry",
                     "signature",
                     "x_refsource_OVAL",
                     "x_transferred",
                  ],
                  url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689",
               },
               {
                  name: "oval:org.mitre.oval:def:3508",
                  tags: [
                     "vdb-entry",
                     "signature",
                     "x_refsource_OVAL",
                     "x_transferred",
                  ],
                  url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508",
               },
               {
                  name: "TA04-111A",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_CERT",
                     "x_transferred",
                  ],
                  url: "http://www.us-cert.gov/cas/techalerts/TA04-111A.html",
               },
               {
                  name: "oval:org.mitre.oval:def:5711",
                  tags: [
                     "vdb-entry",
                     "signature",
                     "x_refsource_OVAL",
                     "x_transferred",
                  ],
                  url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711",
               },
               {
                  name: "20040425 Perl code exploting TCP not checking RST ACK.",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=108302060014745&w=2",
               },
               {
                  name: "SSRT061264",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_HP",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/archive/1/449179/100/0/threaded",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://www.uniras.gov.uk/vuls/2004/236929/index.htm",
               },
               {
                  name: "MS06-064",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_MS",
                     "x_transferred",
                  ],
                  url: "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064",
               },
               {
                  name: "11440",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/11440",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://kb.juniper.net/JSA10638",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10053",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
               },
               {
                  name: "VU#415294",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_CERT-VN",
                     "x_transferred",
                  ],
                  url: "http://www.kb.cert.org/vuls/id/415294",
               },
               {
                  name: "SSRT4696",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_HP",
                     "x_transferred",
                  ],
                  url: "http://marc.info/?l=bugtraq&m=108506952116653&w=2",
               },
               {
                  name: "SCOSA-2005.9",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SCO",
                     "x_transferred",
                  ],
                  url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt",
               },
               {
                  name: "20040403-01-A",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SGI",
                     "x_transferred",
                  ],
                  url: "ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc",
               },
               {
                  name: "MS05-019",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_MS",
                     "x_transferred",
                  ],
                  url: "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019",
               },
               {
                  name: "HPSBST02161",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_HP",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/archive/1/449179/100/0/threaded",
               },
               {
                  name: "20040420 TCP Vulnerabilities in Multiple IOS-Based Cisco Products",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml",
               },
               {
                  name: "SCOSA-2005.3",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SCO",
                     "x_transferred",
                  ],
                  url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt",
               },
               {
                  name: "10183",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/10183",
               },
               {
                  name: "oval:org.mitre.oval:def:4791",
                  tags: [
                     "vdb-entry",
                     "signature",
                     "x_refsource_OVAL",
                     "x_transferred",
                  ],
                  url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791",
               },
               {
                  name: "SCOSA-2005.14",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SCO",
                     "x_transferred",
                  ],
                  url: "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt",
               },
               {
                  name: "oval:org.mitre.oval:def:270",
                  tags: [
                     "vdb-entry",
                     "signature",
                     "x_refsource_OVAL",
                     "x_transferred",
                  ],
                  url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270",
               },
               {
                  name: "tcp-rst-dos(15886)",
                  tags: [
                     "vdb-entry",
                     "x_refsource_XF",
                     "x_transferred",
                  ],
                  url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15886",
               },
               {
                  name: "4030",
                  tags: [
                     "vdb-entry",
                     "x_refsource_OSVDB",
                     "x_transferred",
                  ],
                  url: "http://www.osvdb.org/4030",
               },
               {
                  name: "22341",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/22341",
               },
               {
                  name: "NetBSD-SA2004-006",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_NETBSD",
                     "x_transferred",
                  ],
                  url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc",
               },
               {
                  name: "ADV-2006-3983",
                  tags: [
                     "vdb-entry",
                     "x_refsource_VUPEN",
                     "x_transferred",
                  ],
                  url: "http://www.vupen.com/english/advisories/2006/3983",
               },
               {
                  name: "11458",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_SECUNIA",
                     "x_transferred",
                  ],
                  url: "http://secunia.com/advisories/11458",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2004-04-20T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-10-19T14:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "oval:org.mitre.oval:def:2689",
               tags: [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
               ],
               url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689",
            },
            {
               name: "oval:org.mitre.oval:def:3508",
               tags: [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
               ],
               url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508",
            },
            {
               name: "TA04-111A",
               tags: [
                  "third-party-advisory",
                  "x_refsource_CERT",
               ],
               url: "http://www.us-cert.gov/cas/techalerts/TA04-111A.html",
            },
            {
               name: "oval:org.mitre.oval:def:5711",
               tags: [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
               ],
               url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711",
            },
            {
               name: "20040425 Perl code exploting TCP not checking RST ACK.",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "http://marc.info/?l=bugtraq&m=108302060014745&w=2",
            },
            {
               name: "SSRT061264",
               tags: [
                  "vendor-advisory",
                  "x_refsource_HP",
               ],
               url: "http://www.securityfocus.com/archive/1/449179/100/0/threaded",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://www.uniras.gov.uk/vuls/2004/236929/index.htm",
            },
            {
               name: "MS06-064",
               tags: [
                  "vendor-advisory",
                  "x_refsource_MS",
               ],
               url: "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064",
            },
            {
               name: "11440",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/11440",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://kb.juniper.net/JSA10638",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10053",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
            },
            {
               name: "VU#415294",
               tags: [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
               ],
               url: "http://www.kb.cert.org/vuls/id/415294",
            },
            {
               name: "SSRT4696",
               tags: [
                  "vendor-advisory",
                  "x_refsource_HP",
               ],
               url: "http://marc.info/?l=bugtraq&m=108506952116653&w=2",
            },
            {
               name: "SCOSA-2005.9",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SCO",
               ],
               url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt",
            },
            {
               name: "20040403-01-A",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SGI",
               ],
               url: "ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc",
            },
            {
               name: "MS05-019",
               tags: [
                  "vendor-advisory",
                  "x_refsource_MS",
               ],
               url: "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019",
            },
            {
               name: "HPSBST02161",
               tags: [
                  "vendor-advisory",
                  "x_refsource_HP",
               ],
               url: "http://www.securityfocus.com/archive/1/449179/100/0/threaded",
            },
            {
               name: "20040420 TCP Vulnerabilities in Multiple IOS-Based Cisco Products",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml",
            },
            {
               name: "SCOSA-2005.3",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SCO",
               ],
               url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt",
            },
            {
               name: "10183",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/10183",
            },
            {
               name: "oval:org.mitre.oval:def:4791",
               tags: [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
               ],
               url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791",
            },
            {
               name: "SCOSA-2005.14",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SCO",
               ],
               url: "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt",
            },
            {
               name: "oval:org.mitre.oval:def:270",
               tags: [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
               ],
               url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270",
            },
            {
               name: "tcp-rst-dos(15886)",
               tags: [
                  "vdb-entry",
                  "x_refsource_XF",
               ],
               url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15886",
            },
            {
               name: "4030",
               tags: [
                  "vdb-entry",
                  "x_refsource_OSVDB",
               ],
               url: "http://www.osvdb.org/4030",
            },
            {
               name: "22341",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/22341",
            },
            {
               name: "NetBSD-SA2004-006",
               tags: [
                  "vendor-advisory",
                  "x_refsource_NETBSD",
               ],
               url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc",
            },
            {
               name: "ADV-2006-3983",
               tags: [
                  "vdb-entry",
                  "x_refsource_VUPEN",
               ],
               url: "http://www.vupen.com/english/advisories/2006/3983",
            },
            {
               name: "11458",
               tags: [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
               ],
               url: "http://secunia.com/advisories/11458",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2004-0230",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "oval:org.mitre.oval:def:2689",
                     refsource: "OVAL",
                     url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2689",
                  },
                  {
                     name: "oval:org.mitre.oval:def:3508",
                     refsource: "OVAL",
                     url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3508",
                  },
                  {
                     name: "TA04-111A",
                     refsource: "CERT",
                     url: "http://www.us-cert.gov/cas/techalerts/TA04-111A.html",
                  },
                  {
                     name: "oval:org.mitre.oval:def:5711",
                     refsource: "OVAL",
                     url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5711",
                  },
                  {
                     name: "20040425 Perl code exploting TCP not checking RST ACK.",
                     refsource: "BUGTRAQ",
                     url: "http://marc.info/?l=bugtraq&m=108302060014745&w=2",
                  },
                  {
                     name: "SSRT061264",
                     refsource: "HP",
                     url: "http://www.securityfocus.com/archive/1/449179/100/0/threaded",
                  },
                  {
                     name: "http://www.uniras.gov.uk/vuls/2004/236929/index.htm",
                     refsource: "MISC",
                     url: "http://www.uniras.gov.uk/vuls/2004/236929/index.htm",
                  },
                  {
                     name: "MS06-064",
                     refsource: "MS",
                     url: "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-064",
                  },
                  {
                     name: "11440",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/11440",
                  },
                  {
                     name: "http://kb.juniper.net/JSA10638",
                     refsource: "CONFIRM",
                     url: "http://kb.juniper.net/JSA10638",
                  },
                  {
                     name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10053",
                     refsource: "CONFIRM",
                     url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10053",
                  },
                  {
                     name: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
                     refsource: "CONFIRM",
                     url: "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
                  },
                  {
                     name: "VU#415294",
                     refsource: "CERT-VN",
                     url: "http://www.kb.cert.org/vuls/id/415294",
                  },
                  {
                     name: "SSRT4696",
                     refsource: "HP",
                     url: "http://marc.info/?l=bugtraq&m=108506952116653&w=2",
                  },
                  {
                     name: "SCOSA-2005.9",
                     refsource: "SCO",
                     url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.9/SCOSA-2005.9.txt",
                  },
                  {
                     name: "20040403-01-A",
                     refsource: "SGI",
                     url: "ftp://patches.sgi.com/support/free/security/advisories/20040403-01-A.asc",
                  },
                  {
                     name: "MS05-019",
                     refsource: "MS",
                     url: "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-019",
                  },
                  {
                     name: "HPSBST02161",
                     refsource: "HP",
                     url: "http://www.securityfocus.com/archive/1/449179/100/0/threaded",
                  },
                  {
                     name: "20040420 TCP Vulnerabilities in Multiple IOS-Based Cisco Products",
                     refsource: "CISCO",
                     url: "http://www.cisco.com/warp/public/707/cisco-sa-20040420-tcp-ios.shtml",
                  },
                  {
                     name: "SCOSA-2005.3",
                     refsource: "SCO",
                     url: "ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.3/SCOSA-2005.3.txt",
                  },
                  {
                     name: "10183",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/10183",
                  },
                  {
                     name: "oval:org.mitre.oval:def:4791",
                     refsource: "OVAL",
                     url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4791",
                  },
                  {
                     name: "SCOSA-2005.14",
                     refsource: "SCO",
                     url: "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.14/SCOSA-2005.14.txt",
                  },
                  {
                     name: "oval:org.mitre.oval:def:270",
                     refsource: "OVAL",
                     url: "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A270",
                  },
                  {
                     name: "tcp-rst-dos(15886)",
                     refsource: "XF",
                     url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/15886",
                  },
                  {
                     name: "4030",
                     refsource: "OSVDB",
                     url: "http://www.osvdb.org/4030",
                  },
                  {
                     name: "22341",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/22341",
                  },
                  {
                     name: "NetBSD-SA2004-006",
                     refsource: "NETBSD",
                     url: "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-006.txt.asc",
                  },
                  {
                     name: "ADV-2006-3983",
                     refsource: "VUPEN",
                     url: "http://www.vupen.com/english/advisories/2006/3983",
                  },
                  {
                     name: "11458",
                     refsource: "SECUNIA",
                     url: "http://secunia.com/advisories/11458",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2004-0230",
      datePublished: "2004-05-05T04:00:00",
      dateReserved: "2004-03-17T00:00:00",
      dateUpdated: "2024-08-08T00:10:03.682Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-4470

Vulnerability from cvelistv5

Published

2016-06-27 10:00

Modified

2024-08-06 00:32

Severity ?

Summary

The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.

References

▼	URL	Tags
	http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3054-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2016-1657.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html	vendor-advisory, x_refsource_SUSE
	http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3051-1	vendor-advisory, x_refsource_UBUNTU
	http://rhn.redhat.com/errata/RHSA-2016-2128.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2016-2133.html	vendor-advisory, x_refsource_REDHAT
	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3053-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00012.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3055-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3056-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3052-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3049-1	vendor-advisory, x_refsource_UBUNTU
	http://rhn.redhat.com/errata/RHSA-2016-1541.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html	vendor-advisory, x_refsource_SUSE
	http://www.debian.org/security/2016/dsa-3607	vendor-advisory, x_refsource_DEBIAN
	http://rhn.redhat.com/errata/RHSA-2016-1539.html	vendor-advisory, x_refsource_REDHAT
	http://www.securitytracker.com/id/1036763	vdb-entry, x_refsource_SECTRACK
	http://rhn.redhat.com/errata/RHSA-2016-1532.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2016-2006.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html	vendor-advisory, x_refsource_SUSE
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=38327424b40bcebe2de92d07312c89360ac9229a	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2016/06/15/11	mailing-list, x_refsource_MLIST
	https://bugzilla.redhat.com/show_bug.cgi?id=1341716	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3050-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00013.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2016-2076.html	vendor-advisory, x_refsource_REDHAT
	http://www.ubuntu.com/usn/USN-3057-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2016-2074.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html	vendor-advisory, x_refsource_SUSE
	https://github.com/torvalds/linux/commit/38327424b40bcebe2de92d07312c89360ac9229a	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T00:32:25.328Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
               },
               {
                  name: "SUSE-SU-2016:2010",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html",
               },
               {
                  name: "SUSE-SU-2016:2011",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html",
               },
               {
                  name: "USN-3054-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3054-1",
               },
               {
                  name: "SUSE-SU-2016:2003",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html",
               },
               {
                  name: "RHSA-2016:1657",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-1657.html",
               },
               {
                  name: "SUSE-SU-2016:1994",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
               },
               {
                  name: "USN-3051-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3051-1",
               },
               {
                  name: "RHSA-2016:2128",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2128.html",
               },
               {
                  name: "SUSE-SU-2016:1961",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html",
               },
               {
                  name: "RHSA-2016:2133",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2133.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html",
               },
               {
                  name: "SUSE-SU-2016:2001",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html",
               },
               {
                  name: "SUSE-SU-2016:1985",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
               },
               {
                  name: "USN-3053-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3053-1",
               },
               {
                  name: "openSUSE-SU-2016:2184",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
               },
               {
                  name: "SUSE-SU-2016:1998",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00012.html",
               },
               {
                  name: "USN-3055-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3055-1",
               },
               {
                  name: "SUSE-SU-2016:2006",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html",
               },
               {
                  name: "USN-3056-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3056-1",
               },
               {
                  name: "USN-3052-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3052-1",
               },
               {
                  name: "USN-3049-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3049-1",
               },
               {
                  name: "RHSA-2016:1541",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-1541.html",
               },
               {
                  name: "SUSE-SU-2016:2014",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html",
               },
               {
                  name: "SUSE-SU-2016:2018",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html",
               },
               {
                  name: "DSA-3607",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2016/dsa-3607",
               },
               {
                  name: "RHSA-2016:1539",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-1539.html",
               },
               {
                  name: "1036763",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1036763",
               },
               {
                  name: "RHSA-2016:1532",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-1532.html",
               },
               {
                  name: "RHSA-2016:2006",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2006.html",
               },
               {
                  name: "SUSE-SU-2016:2009",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=38327424b40bcebe2de92d07312c89360ac9229a",
               },
               {
                  name: "[oss-security] 20160615 CVE-2016-4470: Linux kernel Uninitialized variable in request_key handling user controlled kfree().",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/06/15/11",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1341716",
               },
               {
                  name: "USN-3050-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3050-1",
               },
               {
                  name: "SUSE-SU-2016:2005",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html",
               },
               {
                  name: "SUSE-SU-2016:2007",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html",
               },
               {
                  name: "SUSE-SU-2016:1999",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00013.html",
               },
               {
                  name: "SUSE-SU-2016:2000",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html",
               },
               {
                  name: "RHSA-2016:2076",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2076.html",
               },
               {
                  name: "USN-3057-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3057-1",
               },
               {
                  name: "SUSE-SU-2016:1995",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html",
               },
               {
                  name: "RHSA-2016:2074",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2074.html",
               },
               {
                  name: "SUSE-SU-2016:2105",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
               },
               {
                  name: "SUSE-SU-2016:2002",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/38327424b40bcebe2de92d07312c89360ac9229a",
               },
               {
                  name: "SUSE-SU-2016:1937",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-06-15T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html",
            },
            {
               name: "SUSE-SU-2016:2010",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html",
            },
            {
               name: "SUSE-SU-2016:2011",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html",
            },
            {
               name: "USN-3054-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3054-1",
            },
            {
               name: "SUSE-SU-2016:2003",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html",
            },
            {
               name: "RHSA-2016:1657",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-1657.html",
            },
            {
               name: "SUSE-SU-2016:1994",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html",
            },
            {
               name: "USN-3051-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3051-1",
            },
            {
               name: "RHSA-2016:2128",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2128.html",
            },
            {
               name: "SUSE-SU-2016:1961",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html",
            },
            {
               name: "RHSA-2016:2133",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2133.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html",
            },
            {
               name: "SUSE-SU-2016:2001",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html",
            },
            {
               name: "SUSE-SU-2016:1985",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
            },
            {
               name: "USN-3053-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3053-1",
            },
            {
               name: "openSUSE-SU-2016:2184",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
            },
            {
               name: "SUSE-SU-2016:1998",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00012.html",
            },
            {
               name: "USN-3055-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3055-1",
            },
            {
               name: "SUSE-SU-2016:2006",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html",
            },
            {
               name: "USN-3056-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3056-1",
            },
            {
               name: "USN-3052-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3052-1",
            },
            {
               name: "USN-3049-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3049-1",
            },
            {
               name: "RHSA-2016:1541",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-1541.html",
            },
            {
               name: "SUSE-SU-2016:2014",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html",
            },
            {
               name: "SUSE-SU-2016:2018",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html",
            },
            {
               name: "DSA-3607",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2016/dsa-3607",
            },
            {
               name: "RHSA-2016:1539",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-1539.html",
            },
            {
               name: "1036763",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1036763",
            },
            {
               name: "RHSA-2016:1532",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-1532.html",
            },
            {
               name: "RHSA-2016:2006",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2006.html",
            },
            {
               name: "SUSE-SU-2016:2009",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=38327424b40bcebe2de92d07312c89360ac9229a",
            },
            {
               name: "[oss-security] 20160615 CVE-2016-4470: Linux kernel Uninitialized variable in request_key handling user controlled kfree().",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/06/15/11",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1341716",
            },
            {
               name: "USN-3050-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3050-1",
            },
            {
               name: "SUSE-SU-2016:2005",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html",
            },
            {
               name: "SUSE-SU-2016:2007",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html",
            },
            {
               name: "SUSE-SU-2016:1999",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00013.html",
            },
            {
               name: "SUSE-SU-2016:2000",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html",
            },
            {
               name: "RHSA-2016:2076",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2076.html",
            },
            {
               name: "USN-3057-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3057-1",
            },
            {
               name: "SUSE-SU-2016:1995",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html",
            },
            {
               name: "RHSA-2016:2074",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2074.html",
            },
            {
               name: "SUSE-SU-2016:2105",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
            },
            {
               name: "SUSE-SU-2016:2002",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/38327424b40bcebe2de92d07312c89360ac9229a",
            },
            {
               name: "SUSE-SU-2016:1937",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2016-4470",
      datePublished: "2016-06-27T10:00:00",
      dateReserved: "2016-05-02T00:00:00",
      dateUpdated: "2024-08-06T00:32:25.328Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-7117

Vulnerability from cvelistv5

Published

2016-10-10 10:00

Modified

2024-08-06 01:50

Severity ?

Summary

Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.

References

▼	URL	Tags
	http://rhn.redhat.com/errata/RHSA-2017-0216.html	vendor-advisory, x_refsource_REDHAT
	https://security-tracker.debian.org/tracker/CVE-2016-7117	x_refsource_CONFIRM
	http://source.android.com/security/bulletin/2016-10-01.html	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2017-0086.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2016-2962.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2017-0113.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2017-0091.html	vendor-advisory, x_refsource_REDHAT
	https://bugzilla.novell.com/show_bug.cgi?id=1003077	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=1382268	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2017-0031.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2017-0065.html	vendor-advisory, x_refsource_REDHAT
	https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7117.html	x_refsource_CONFIRM
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.2	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/93304	vdb-entry, x_refsource_BID
	https://github.com/torvalds/linux/commit/34b88a68f26a75e4fded796f1a49c40f82234b7d	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2017-0270.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2017-0217.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2017-0036.html	vendor-advisory, x_refsource_REDHAT
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b88a68f26a75e4fded796f1a49c40f82234b7d	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2017-0215.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2017-0196.html	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T01:50:47.546Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2017:0216",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0216.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security-tracker.debian.org/tracker/CVE-2016-7117",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://source.android.com/security/bulletin/2016-10-01.html",
               },
               {
                  name: "RHSA-2017:0086",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0086.html",
               },
               {
                  name: "RHSA-2016:2962",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2962.html",
               },
               {
                  name: "RHSA-2017:0113",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0113.html",
               },
               {
                  name: "RHSA-2017:0091",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0091.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.novell.com/show_bug.cgi?id=1003077",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1382268",
               },
               {
                  name: "RHSA-2017:0031",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0031.html",
               },
               {
                  name: "RHSA-2017:0065",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0065.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7117.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.2",
               },
               {
                  name: "93304",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/93304",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/34b88a68f26a75e4fded796f1a49c40f82234b7d",
               },
               {
                  name: "RHSA-2017:0270",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0270.html",
               },
               {
                  name: "RHSA-2017:0217",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0217.html",
               },
               {
                  name: "RHSA-2017:0036",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0036.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b88a68f26a75e4fded796f1a49c40f82234b7d",
               },
               {
                  name: "RHSA-2017:0215",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0215.html",
               },
               {
                  name: "RHSA-2017:0196",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0196.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-03-14T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
            shortName: "google_android",
         },
         references: [
            {
               name: "RHSA-2017:0216",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0216.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security-tracker.debian.org/tracker/CVE-2016-7117",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://source.android.com/security/bulletin/2016-10-01.html",
            },
            {
               name: "RHSA-2017:0086",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0086.html",
            },
            {
               name: "RHSA-2016:2962",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2962.html",
            },
            {
               name: "RHSA-2017:0113",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0113.html",
            },
            {
               name: "RHSA-2017:0091",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0091.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.novell.com/show_bug.cgi?id=1003077",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1382268",
            },
            {
               name: "RHSA-2017:0031",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0031.html",
            },
            {
               name: "RHSA-2017:0065",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0065.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7117.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.2",
            },
            {
               name: "93304",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/93304",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/34b88a68f26a75e4fded796f1a49c40f82234b7d",
            },
            {
               name: "RHSA-2017:0270",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0270.html",
            },
            {
               name: "RHSA-2017:0217",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0217.html",
            },
            {
               name: "RHSA-2017:0036",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0036.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b88a68f26a75e4fded796f1a49c40f82234b7d",
            },
            {
               name: "RHSA-2017:0215",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0215.html",
            },
            {
               name: "RHSA-2017:0196",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0196.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@android.com",
               ID: "CVE-2016-7117",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "RHSA-2017:0216",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0216.html",
                  },
                  {
                     name: "https://security-tracker.debian.org/tracker/CVE-2016-7117",
                     refsource: "CONFIRM",
                     url: "https://security-tracker.debian.org/tracker/CVE-2016-7117",
                  },
                  {
                     name: "http://source.android.com/security/bulletin/2016-10-01.html",
                     refsource: "CONFIRM",
                     url: "http://source.android.com/security/bulletin/2016-10-01.html",
                  },
                  {
                     name: "RHSA-2017:0086",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0086.html",
                  },
                  {
                     name: "RHSA-2016:2962",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2016-2962.html",
                  },
                  {
                     name: "RHSA-2017:0113",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0113.html",
                  },
                  {
                     name: "RHSA-2017:0091",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0091.html",
                  },
                  {
                     name: "https://bugzilla.novell.com/show_bug.cgi?id=1003077",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.novell.com/show_bug.cgi?id=1003077",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1382268",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1382268",
                  },
                  {
                     name: "RHSA-2017:0031",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0031.html",
                  },
                  {
                     name: "RHSA-2017:0065",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0065.html",
                  },
                  {
                     name: "https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7117.html",
                     refsource: "CONFIRM",
                     url: "https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7117.html",
                  },
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.2",
                     refsource: "CONFIRM",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.2",
                  },
                  {
                     name: "93304",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/93304",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/34b88a68f26a75e4fded796f1a49c40f82234b7d",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/34b88a68f26a75e4fded796f1a49c40f82234b7d",
                  },
                  {
                     name: "RHSA-2017:0270",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0270.html",
                  },
                  {
                     name: "RHSA-2017:0217",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0217.html",
                  },
                  {
                     name: "RHSA-2017:0036",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0036.html",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b88a68f26a75e4fded796f1a49c40f82234b7d",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b88a68f26a75e4fded796f1a49c40f82234b7d",
                  },
                  {
                     name: "RHSA-2017:0215",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0215.html",
                  },
                  {
                     name: "RHSA-2017:0196",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0196.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
      assignerShortName: "google_android",
      cveId: "CVE-2016-7117",
      datePublished: "2016-10-10T10:00:00",
      dateReserved: "2016-08-30T00:00:00",
      dateUpdated: "2024-08-06T01:50:47.546Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-9793

Vulnerability from cvelistv5

Published

2016-12-28 07:42

Modified

2024-08-06 02:59

Severity ?

Summary

The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.

References

▼	URL	Tags
	https://github.com/torvalds/linux/commit/b98b0bc8c431e3ceb4b26b0dfc8db509518fb290	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1037968	vdb-entry, x_refsource_SECTRACK
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b98b0bc8c431e3ceb4b26b0dfc8db509518fb290	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:0932	vendor-advisory, x_refsource_REDHAT
	https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-9793	x_refsource_MISC
	http://www.securityfocus.com/bid/94655	vdb-entry, x_refsource_BID
	http://www.openwall.com/lists/oss-security/2016/12/03/1	mailing-list, x_refsource_MLIST
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:0933	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:0931	vendor-advisory, x_refsource_REDHAT
	https://source.android.com/security/bulletin/2017-03-01.html	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=1402013	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T02:59:03.525Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/b98b0bc8c431e3ceb4b26b0dfc8db509518fb290",
               },
               {
                  name: "1037968",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1037968",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b98b0bc8c431e3ceb4b26b0dfc8db509518fb290",
               },
               {
                  name: "RHSA-2017:0932",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:0932",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-9793",
               },
               {
                  name: "94655",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/94655",
               },
               {
                  name: "[oss-security] 20161202 Re: CVE Request: Linux: signed overflows for SO_{SND|RCV}BUFFORCE",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/12/03/1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14",
               },
               {
                  name: "RHSA-2017:0933",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:0933",
               },
               {
                  name: "RHSA-2017:0931",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:0931",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2017-03-01.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1402013",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-12-02T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/b98b0bc8c431e3ceb4b26b0dfc8db509518fb290",
            },
            {
               name: "1037968",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1037968",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b98b0bc8c431e3ceb4b26b0dfc8db509518fb290",
            },
            {
               name: "RHSA-2017:0932",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:0932",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-9793",
            },
            {
               name: "94655",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/94655",
            },
            {
               name: "[oss-security] 20161202 Re: CVE Request: Linux: signed overflows for SO_{SND|RCV}BUFFORCE",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/12/03/1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14",
            },
            {
               name: "RHSA-2017:0933",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:0933",
            },
            {
               name: "RHSA-2017:0931",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:0931",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2017-03-01.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1402013",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2016-9793",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/torvalds/linux/commit/b98b0bc8c431e3ceb4b26b0dfc8db509518fb290",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/b98b0bc8c431e3ceb4b26b0dfc8db509518fb290",
                  },
                  {
                     name: "1037968",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1037968",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b98b0bc8c431e3ceb4b26b0dfc8db509518fb290",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b98b0bc8c431e3ceb4b26b0dfc8db509518fb290",
                  },
                  {
                     name: "RHSA-2017:0932",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:0932",
                  },
                  {
                     name: "https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-9793",
                     refsource: "MISC",
                     url: "https://github.com/xairy/kernel-exploits/tree/master/CVE-2016-9793",
                  },
                  {
                     name: "94655",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/94655",
                  },
                  {
                     name: "[oss-security] 20161202 Re: CVE Request: Linux: signed overflows for SO_{SND|RCV}BUFFORCE",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2016/12/03/1",
                  },
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14",
                     refsource: "CONFIRM",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14",
                  },
                  {
                     name: "RHSA-2017:0933",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:0933",
                  },
                  {
                     name: "RHSA-2017:0931",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:0931",
                  },
                  {
                     name: "https://source.android.com/security/bulletin/2017-03-01.html",
                     refsource: "CONFIRM",
                     url: "https://source.android.com/security/bulletin/2017-03-01.html",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1402013",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1402013",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2016-9793",
      datePublished: "2016-12-28T07:42:00",
      dateReserved: "2016-12-02T00:00:00",
      dateUpdated: "2024-08-06T02:59:03.525Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2015-7513

Vulnerability from cvelistv5

Published

2016-02-08 02:00

Modified

2024-08-06 07:51

Severity ?

Summary

arch/x86/kvm/x86.c in the Linux kernel before 4.4 does not reset the PIT counter values during state restoration, which allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_vm_ioctl_set_pit and kvm_vm_ioctl_set_pit2 functions.

References

▼	URL	Tags
	http://www.openwall.com/lists/oss-security/2016/01/07/2	mailing-list, x_refsource_MLIST
	http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175792.html	vendor-advisory, x_refsource_FEDORA
	http://www.ubuntu.com/usn/USN-2887-2	vendor-advisory, x_refsource_UBUNTU
	https://github.com/torvalds/linux/commit/0185604c2d82c560dab2f2933a18f797e74ab5a8	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2886-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2887-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2890-3	vendor-advisory, x_refsource_UBUNTU
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0185604c2d82c560dab2f2933a18f797e74ab5a8	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2889-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176194.html	vendor-advisory, x_refsource_FEDORA
	http://www.ubuntu.com/usn/USN-2889-2	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/79901	vdb-entry, x_refsource_BID
	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html	vendor-advisory, x_refsource_FEDORA
	http://www.ubuntu.com/usn/USN-2890-2	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1284847	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2890-1	vendor-advisory, x_refsource_UBUNTU
	http://www.debian.org/security/2016/dsa-3434	vendor-advisory, x_refsource_DEBIAN
	http://www.securitytracker.com/id/1034602	vdb-entry, x_refsource_SECTRACK
	http://www.ubuntu.com/usn/USN-2888-1	vendor-advisory, x_refsource_UBUNTU

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T07:51:28.131Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "[oss-security] 20160107 CVE-2015-7513 Kernel: kvm: divide by zero issue leads to DoS",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/01/07/2",
               },
               {
                  name: "FEDORA-2016-26e19f042a",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175792.html",
               },
               {
                  name: "USN-2887-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2887-2",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/0185604c2d82c560dab2f2933a18f797e74ab5a8",
               },
               {
                  name: "USN-2886-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2886-1",
               },
               {
                  name: "USN-2887-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2887-1",
               },
               {
                  name: "USN-2890-3",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2890-3",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0185604c2d82c560dab2f2933a18f797e74ab5a8",
               },
               {
                  name: "USN-2889-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2889-1",
               },
               {
                  name: "FEDORA-2016-b59fd603be",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176194.html",
               },
               {
                  name: "USN-2889-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2889-2",
               },
               {
                  name: "79901",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/79901",
               },
               {
                  name: "FEDORA-2016-5d43766e33",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html",
               },
               {
                  name: "USN-2890-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2890-2",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1284847",
               },
               {
                  name: "USN-2890-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2890-1",
               },
               {
                  name: "DSA-3434",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2016/dsa-3434",
               },
               {
                  name: "1034602",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1034602",
               },
               {
                  name: "USN-2888-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2888-1",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-01-07T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "arch/x86/kvm/x86.c in the Linux kernel before 4.4 does not reset the PIT counter values during state restoration, which allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_vm_ioctl_set_pit and kvm_vm_ioctl_set_pit2 functions.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-11-03T18:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "[oss-security] 20160107 CVE-2015-7513 Kernel: kvm: divide by zero issue leads to DoS",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/01/07/2",
            },
            {
               name: "FEDORA-2016-26e19f042a",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/175792.html",
            },
            {
               name: "USN-2887-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2887-2",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/0185604c2d82c560dab2f2933a18f797e74ab5a8",
            },
            {
               name: "USN-2886-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2886-1",
            },
            {
               name: "USN-2887-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2887-1",
            },
            {
               name: "USN-2890-3",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2890-3",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0185604c2d82c560dab2f2933a18f797e74ab5a8",
            },
            {
               name: "USN-2889-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2889-1",
            },
            {
               name: "FEDORA-2016-b59fd603be",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176194.html",
            },
            {
               name: "USN-2889-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2889-2",
            },
            {
               name: "79901",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/79901",
            },
            {
               name: "FEDORA-2016-5d43766e33",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html",
            },
            {
               name: "USN-2890-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2890-2",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1284847",
            },
            {
               name: "USN-2890-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2890-1",
            },
            {
               name: "DSA-3434",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2016/dsa-3434",
            },
            {
               name: "1034602",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1034602",
            },
            {
               name: "USN-2888-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2888-1",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2015-7513",
      datePublished: "2016-02-08T02:00:00",
      dateReserved: "2015-09-29T00:00:00",
      dateUpdated: "2024-08-06T07:51:28.131Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-6828

Vulnerability from cvelistv5

Published

2016-10-16 21:00

Modified

2024-08-06 01:43

Severity ?

Summary

The tcp_check_send_head function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, which allows local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option.

References

▼	URL	Tags
	https://github.com/torvalds/linux/commit/bb1fceca22492109be12640d49f5ea5a544c6bb4	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2017-0086.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2017-0113.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2017-0091.html	vendor-advisory, x_refsource_REDHAT
	http://www.openwall.com/lists/oss-security/2016/08/15/1	mailing-list, x_refsource_MLIST
	http://www.securityfocus.com/bid/92452	vdb-entry, x_refsource_BID
	https://source.android.com/security/bulletin/2016-11-01.html	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2017-0036.html	vendor-advisory, x_refsource_REDHAT
	https://marcograss.github.io/security/linux/2016/08/18/cve-2016-6828-linux-kernel-tcp-uaf.html	x_refsource_MISC
	https://bugzilla.redhat.com/show_bug.cgi?id=1367091	x_refsource_CONFIRM
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.5	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bb1fceca22492109be12640d49f5ea5a544c6bb4	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T01:43:37.815Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/bb1fceca22492109be12640d49f5ea5a544c6bb4",
               },
               {
                  name: "RHSA-2017:0086",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0086.html",
               },
               {
                  name: "RHSA-2017:0113",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0113.html",
               },
               {
                  name: "RHSA-2017:0091",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0091.html",
               },
               {
                  name: "[oss-security] 20160815 Linux tcp_xmit_retransmit_queue use after free on 4.8-rc1 / master",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/08/15/1",
               },
               {
                  name: "92452",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/92452",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2016-11-01.html",
               },
               {
                  name: "RHSA-2017:0036",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0036.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://marcograss.github.io/security/linux/2016/08/18/cve-2016-6828-linux-kernel-tcp-uaf.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1367091",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.5",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bb1fceca22492109be12640d49f5ea5a544c6bb4",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-08-15T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The tcp_check_send_head function in include/net/tcp.h in the Linux kernel before 4.7.5 does not properly maintain certain SACK state after a failed data copy, which allows local users to cause a denial of service (tcp_xmit_retransmit_queue use-after-free and system crash) via a crafted SACK option.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/bb1fceca22492109be12640d49f5ea5a544c6bb4",
            },
            {
               name: "RHSA-2017:0086",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0086.html",
            },
            {
               name: "RHSA-2017:0113",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0113.html",
            },
            {
               name: "RHSA-2017:0091",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0091.html",
            },
            {
               name: "[oss-security] 20160815 Linux tcp_xmit_retransmit_queue use after free on 4.8-rc1 / master",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/08/15/1",
            },
            {
               name: "92452",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/92452",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2016-11-01.html",
            },
            {
               name: "RHSA-2017:0036",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0036.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://marcograss.github.io/security/linux/2016/08/18/cve-2016-6828-linux-kernel-tcp-uaf.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1367091",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.7.5",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bb1fceca22492109be12640d49f5ea5a544c6bb4",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2016-6828",
      datePublished: "2016-10-16T21:00:00",
      dateReserved: "2016-08-17T00:00:00",
      dateUpdated: "2024-08-06T01:43:37.815Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2015-8964

Vulnerability from cvelistv5

Published

2016-11-16 04:49

Modified

2024-08-06 08:36

Severity ?

Summary

The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive information from kernel memory by reading a tty data structure.

References

▼	URL	Tags
	http://source.android.com/security/bulletin/2016-11-01.html	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dd42bf1197144ede075a9d4793123f7689e164bc	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/dd42bf1197144ede075a9d4793123f7689e164bc	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/94138	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T08:36:30.376Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://source.android.com/security/bulletin/2016-11-01.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dd42bf1197144ede075a9d4793123f7689e164bc",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/dd42bf1197144ede075a9d4793123f7689e164bc",
               },
               {
                  name: "94138",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/94138",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-04-27T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive information from kernel memory by reading a tty data structure.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2016-11-25T19:57:01",
            orgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
            shortName: "google_android",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://source.android.com/security/bulletin/2016-11-01.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dd42bf1197144ede075a9d4793123f7689e164bc",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/dd42bf1197144ede075a9d4793123f7689e164bc",
            },
            {
               name: "94138",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/94138",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@android.com",
               ID: "CVE-2015-8964",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive information from kernel memory by reading a tty data structure.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://source.android.com/security/bulletin/2016-11-01.html",
                     refsource: "CONFIRM",
                     url: "http://source.android.com/security/bulletin/2016-11-01.html",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dd42bf1197144ede075a9d4793123f7689e164bc",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=dd42bf1197144ede075a9d4793123f7689e164bc",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/dd42bf1197144ede075a9d4793123f7689e164bc",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/dd42bf1197144ede075a9d4793123f7689e164bc",
                  },
                  {
                     name: "94138",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/94138",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
      assignerShortName: "google_android",
      cveId: "CVE-2015-8964",
      datePublished: "2016-11-16T04:49:00",
      dateReserved: "2016-10-03T00:00:00",
      dateUpdated: "2024-08-06T08:36:30.376Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-4485

Vulnerability from cvelistv5

Published

2016-05-23 10:00

Modified

2024-08-06 00:32

Severity ?

Summary

The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message.

References

▼	URL	Tags
	http://www.ubuntu.com/usn/USN-3006-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3004-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3001-1	vendor-advisory, x_refsource_UBUNTU
	http://www.openwall.com/lists/oss-security/2016/05/04/26	mailing-list, x_refsource_MLIST
	http://www.ubuntu.com/usn/USN-3005-1	vendor-advisory, x_refsource_UBUNTU
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b8670c09f37bdf2847cc44f36511a53afc6161fd	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2997-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3000-1	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1333309	x_refsource_CONFIRM
	http://www.debian.org/security/2016/dsa-3607	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-3002-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2996-1	vendor-advisory, x_refsource_UBUNTU
	https://github.com/torvalds/linux/commit/b8670c09f37bdf2847cc44f36511a53afc6161fd	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-2989-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3007-1	vendor-advisory, x_refsource_UBUNTU
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/90015	vdb-entry, x_refsource_BID
	http://www.ubuntu.com/usn/USN-3003-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2998-1	vendor-advisory, x_refsource_UBUNTU

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T00:32:25.502Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "USN-3006-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3006-1",
               },
               {
                  name: "USN-3004-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3004-1",
               },
               {
                  name: "USN-3001-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3001-1",
               },
               {
                  name: "[oss-security] 20160503 CVE Request: kernel information leak vulnerability in llc module",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/05/04/26",
               },
               {
                  name: "USN-3005-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3005-1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b8670c09f37bdf2847cc44f36511a53afc6161fd",
               },
               {
                  name: "SUSE-SU-2016:1985",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
               },
               {
                  name: "openSUSE-SU-2016:1641",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html",
               },
               {
                  name: "USN-2997-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2997-1",
               },
               {
                  name: "USN-3000-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3000-1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1333309",
               },
               {
                  name: "DSA-3607",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2016/dsa-3607",
               },
               {
                  name: "USN-3002-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3002-1",
               },
               {
                  name: "USN-2996-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2996-1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/b8670c09f37bdf2847cc44f36511a53afc6161fd",
               },
               {
                  name: "SUSE-SU-2016:1672",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
               },
               {
                  name: "USN-2989-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2989-1",
               },
               {
                  name: "USN-3007-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3007-1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5",
               },
               {
                  name: "90015",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/90015",
               },
               {
                  name: "USN-3003-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3003-1",
               },
               {
                  name: "USN-2998-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2998-1",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-05-03T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2016-11-25T20:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "USN-3006-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3006-1",
            },
            {
               name: "USN-3004-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3004-1",
            },
            {
               name: "USN-3001-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3001-1",
            },
            {
               name: "[oss-security] 20160503 CVE Request: kernel information leak vulnerability in llc module",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/05/04/26",
            },
            {
               name: "USN-3005-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3005-1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b8670c09f37bdf2847cc44f36511a53afc6161fd",
            },
            {
               name: "SUSE-SU-2016:1985",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
            },
            {
               name: "openSUSE-SU-2016:1641",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html",
            },
            {
               name: "USN-2997-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2997-1",
            },
            {
               name: "USN-3000-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3000-1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1333309",
            },
            {
               name: "DSA-3607",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2016/dsa-3607",
            },
            {
               name: "USN-3002-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3002-1",
            },
            {
               name: "USN-2996-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2996-1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/b8670c09f37bdf2847cc44f36511a53afc6161fd",
            },
            {
               name: "SUSE-SU-2016:1672",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
            },
            {
               name: "USN-2989-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2989-1",
            },
            {
               name: "USN-3007-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3007-1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5",
            },
            {
               name: "90015",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/90015",
            },
            {
               name: "USN-3003-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3003-1",
            },
            {
               name: "USN-2998-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2998-1",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2016-4485",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "USN-3006-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3006-1",
                  },
                  {
                     name: "USN-3004-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3004-1",
                  },
                  {
                     name: "USN-3001-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3001-1",
                  },
                  {
                     name: "[oss-security] 20160503 CVE Request: kernel information leak vulnerability in llc module",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2016/05/04/26",
                  },
                  {
                     name: "USN-3005-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3005-1",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b8670c09f37bdf2847cc44f36511a53afc6161fd",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b8670c09f37bdf2847cc44f36511a53afc6161fd",
                  },
                  {
                     name: "SUSE-SU-2016:1985",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
                  },
                  {
                     name: "openSUSE-SU-2016:1641",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html",
                  },
                  {
                     name: "USN-2997-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-2997-1",
                  },
                  {
                     name: "USN-3000-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3000-1",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1333309",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1333309",
                  },
                  {
                     name: "DSA-3607",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2016/dsa-3607",
                  },
                  {
                     name: "USN-3002-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3002-1",
                  },
                  {
                     name: "USN-2996-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-2996-1",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/b8670c09f37bdf2847cc44f36511a53afc6161fd",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/b8670c09f37bdf2847cc44f36511a53afc6161fd",
                  },
                  {
                     name: "SUSE-SU-2016:1672",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
                  },
                  {
                     name: "USN-2989-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-2989-1",
                  },
                  {
                     name: "USN-3007-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3007-1",
                  },
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5",
                     refsource: "CONFIRM",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5",
                  },
                  {
                     name: "90015",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/90015",
                  },
                  {
                     name: "USN-3003-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3003-1",
                  },
                  {
                     name: "USN-2998-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-2998-1",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2016-4485",
      datePublished: "2016-05-23T10:00:00",
      dateReserved: "2016-05-04T00:00:00",
      dateUpdated: "2024-08-06T00:32:25.502Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-8399

Vulnerability from cvelistv5

Published

2017-01-12 15:00

Modified

2024-08-06 02:20

Severity ?

Summary

An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31349935.

References

▼	URL	Tags
	https://source.android.com/security/bulletin/2016-12-01.html	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2931	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/94708	vdb-entry, x_refsource_BID
	http://rhn.redhat.com/errata/RHSA-2017-0817.html	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:0869	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:2930	vendor-advisory, x_refsource_REDHAT
	https://support.f5.com/csp/article/K23030550?utm_source=f5support&amp%3Butm_medium=RSS	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Google Inc.	Android	Version: Kernel-3.10 Version: Kernel-3.18

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T02:20:31.231Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2016-12-01.html",
               },
               {
                  name: "RHSA-2017:2931",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2931",
               },
               {
                  name: "94708",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/94708",
               },
               {
                  name: "RHSA-2017:0817",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2017-0817.html",
               },
               {
                  name: "RHSA-2017:0869",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:0869",
               },
               {
                  name: "RHSA-2017:2930",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2930",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://support.f5.com/csp/article/K23030550?utm_source=f5support&amp%3Butm_medium=RSS",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Android",
               vendor: "Google Inc.",
               versions: [
                  {
                     status: "affected",
                     version: "Kernel-3.10",
                  },
                  {
                     status: "affected",
                     version: "Kernel-3.18",
                  },
               ],
            },
         ],
         datePublic: "2016-12-05T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31349935.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Elevation of privilege",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2019-10-09T19:07:21",
            orgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
            shortName: "google_android",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2016-12-01.html",
            },
            {
               name: "RHSA-2017:2931",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2931",
            },
            {
               name: "94708",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/94708",
            },
            {
               name: "RHSA-2017:0817",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2017-0817.html",
            },
            {
               name: "RHSA-2017:0869",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:0869",
            },
            {
               name: "RHSA-2017:2930",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2930",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://support.f5.com/csp/article/K23030550?utm_source=f5support&amp%3Butm_medium=RSS",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@android.com",
               ID: "CVE-2016-8399",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Android",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "Kernel-3.10",
                                       },
                                       {
                                          version_value: "Kernel-3.18",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Google Inc.",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31349935.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Elevation of privilege",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://source.android.com/security/bulletin/2016-12-01.html",
                     refsource: "CONFIRM",
                     url: "https://source.android.com/security/bulletin/2016-12-01.html",
                  },
                  {
                     name: "RHSA-2017:2931",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2931",
                  },
                  {
                     name: "94708",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/94708",
                  },
                  {
                     name: "RHSA-2017:0817",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2017-0817.html",
                  },
                  {
                     name: "RHSA-2017:0869",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:0869",
                  },
                  {
                     name: "RHSA-2017:2930",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2930",
                  },
                  {
                     name: "https://support.f5.com/csp/article/K23030550?utm_source=f5support&amp;utm_medium=RSS",
                     refsource: "CONFIRM",
                     url: "https://support.f5.com/csp/article/K23030550?utm_source=f5support&amp;utm_medium=RSS",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
      assignerShortName: "google_android",
      cveId: "CVE-2016-8399",
      datePublished: "2017-01-12T15:00:00",
      dateReserved: "2016-10-05T00:00:00",
      dateUpdated: "2024-08-06T02:20:31.231Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-3841

Vulnerability from cvelistv5

Published

2016-08-06 20:00

Modified

2024-08-06 00:10

Severity ?

Summary

The IPv6 stack in the Linux kernel before 4.3.3 mishandles options data, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call.

References

▼	URL	Tags
	http://source.android.com/security/bulletin/2016-08-01.html	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2016-0855.html	vendor-advisory, x_refsource_REDHAT
	https://github.com/torvalds/linux/commit/45f6fad84cc305103b28d73482b344d7f5b76f39	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2016-2584.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2016-2574.html	vendor-advisory, x_refsource_REDHAT
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.3	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/92227	vdb-entry, x_refsource_BID
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=45f6fad84cc305103b28d73482b344d7f5b76f39	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2016-2695.html	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T00:10:31.094Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://source.android.com/security/bulletin/2016-08-01.html",
               },
               {
                  name: "RHSA-2016:0855",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-0855.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/45f6fad84cc305103b28d73482b344d7f5b76f39",
               },
               {
                  name: "RHSA-2016:2584",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2584.html",
               },
               {
                  name: "RHSA-2016:2574",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2574.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.3",
               },
               {
                  name: "92227",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/92227",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=45f6fad84cc305103b28d73482b344d7f5b76f39",
               },
               {
                  name: "RHSA-2016:2695",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2695.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2015-12-14T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The IPv6 stack in the Linux kernel before 4.3.3 mishandles options data, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
            shortName: "google_android",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://source.android.com/security/bulletin/2016-08-01.html",
            },
            {
               name: "RHSA-2016:0855",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-0855.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/45f6fad84cc305103b28d73482b344d7f5b76f39",
            },
            {
               name: "RHSA-2016:2584",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2584.html",
            },
            {
               name: "RHSA-2016:2574",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2574.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.3",
            },
            {
               name: "92227",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/92227",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=45f6fad84cc305103b28d73482b344d7f5b76f39",
            },
            {
               name: "RHSA-2016:2695",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2695.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@android.com",
               ID: "CVE-2016-3841",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The IPv6 stack in the Linux kernel before 4.3.3 mishandles options data, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://source.android.com/security/bulletin/2016-08-01.html",
                     refsource: "CONFIRM",
                     url: "http://source.android.com/security/bulletin/2016-08-01.html",
                  },
                  {
                     name: "RHSA-2016:0855",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2016-0855.html",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/45f6fad84cc305103b28d73482b344d7f5b76f39",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/45f6fad84cc305103b28d73482b344d7f5b76f39",
                  },
                  {
                     name: "RHSA-2016:2584",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2016-2584.html",
                  },
                  {
                     name: "RHSA-2016:2574",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2016-2574.html",
                  },
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.3",
                     refsource: "CONFIRM",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.3",
                  },
                  {
                     name: "92227",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/92227",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=45f6fad84cc305103b28d73482b344d7f5b76f39",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=45f6fad84cc305103b28d73482b344d7f5b76f39",
                  },
                  {
                     name: "RHSA-2016:2695",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2016-2695.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
      assignerShortName: "google_android",
      cveId: "CVE-2016-3841",
      datePublished: "2016-08-06T20:00:00",
      dateReserved: "2016-03-30T00:00:00",
      dateUpdated: "2024-08-06T00:10:31.094Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2013-4312

Vulnerability from cvelistv5

Published

2016-02-08 02:00

Modified

2024-08-06 16:38

Severity ?

Summary

The Linux kernel before 4.4.1 allows local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unix.c and net/unix/garbage.c.

References

▼	URL	Tags
	http://rhn.redhat.com/errata/RHSA-2016-0855.html	vendor-advisory, x_refsource_REDHAT
	https://github.com/torvalds/linux/commit/712f4aad406bb1ed67f3f98d04c044191f0ff593	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2967-1	vendor-advisory, x_refsource_UBUNTU
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1	x_refsource_CONFIRM
	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=1297813	x_refsource_CONFIRM
	http://www.debian.org/security/2016/dsa-3503	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-2967-2	vendor-advisory, x_refsource_UBUNTU
	http://rhn.redhat.com/errata/RHSA-2016-2584.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2016-2574.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/82986	vdb-entry, x_refsource_BID
	http://www.ubuntu.com/usn/USN-2929-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-2932-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html	vendor-advisory, x_refsource_FEDORA
	https://security-tracker.debian.org/tracker/CVE-2013-4312	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2931-1	vendor-advisory, x_refsource_UBUNTU
	http://www.debian.org/security/2016/dsa-3448	vendor-advisory, x_refsource_DEBIAN
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=712f4aad406bb1ed67f3f98d04c044191f0ff593	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2929-2	vendor-advisory, x_refsource_UBUNTU
	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176464.html	vendor-advisory, x_refsource_FEDORA

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T16:38:01.907Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2016:0855",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-0855.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/712f4aad406bb1ed67f3f98d04c044191f0ff593",
               },
               {
                  name: "USN-2967-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2967-1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1297813",
               },
               {
                  name: "DSA-3503",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2016/dsa-3503",
               },
               {
                  name: "USN-2967-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2967-2",
               },
               {
                  name: "RHSA-2016:2584",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2584.html",
               },
               {
                  name: "RHSA-2016:2574",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2574.html",
               },
               {
                  name: "82986",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/82986",
               },
               {
                  name: "USN-2929-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2929-1",
               },
               {
                  name: "USN-2932-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2932-1",
               },
               {
                  name: "FEDORA-2016-5d43766e33",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security-tracker.debian.org/tracker/CVE-2013-4312",
               },
               {
                  name: "USN-2931-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2931-1",
               },
               {
                  name: "DSA-3448",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2016/dsa-3448",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=712f4aad406bb1ed67f3f98d04c044191f0ff593",
               },
               {
                  name: "USN-2929-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-2929-2",
               },
               {
                  name: "FEDORA-2016-2f25d12c51",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176464.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-01-31T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The Linux kernel before 4.4.1 allows local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unix.c and net/unix/garbage.c.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2016:0855",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-0855.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/712f4aad406bb1ed67f3f98d04c044191f0ff593",
            },
            {
               name: "USN-2967-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2967-1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1297813",
            },
            {
               name: "DSA-3503",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2016/dsa-3503",
            },
            {
               name: "USN-2967-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2967-2",
            },
            {
               name: "RHSA-2016:2584",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2584.html",
            },
            {
               name: "RHSA-2016:2574",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2574.html",
            },
            {
               name: "82986",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/82986",
            },
            {
               name: "USN-2929-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2929-1",
            },
            {
               name: "USN-2932-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2932-1",
            },
            {
               name: "FEDORA-2016-5d43766e33",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176484.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security-tracker.debian.org/tracker/CVE-2013-4312",
            },
            {
               name: "USN-2931-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2931-1",
            },
            {
               name: "DSA-3448",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2016/dsa-3448",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=712f4aad406bb1ed67f3f98d04c044191f0ff593",
            },
            {
               name: "USN-2929-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-2929-2",
            },
            {
               name: "FEDORA-2016-2f25d12c51",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176464.html",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2013-4312",
      datePublished: "2016-02-08T02:00:00",
      dateReserved: "2013-06-12T00:00:00",
      dateUpdated: "2024-08-06T16:38:01.907Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-9685

Vulnerability from cvelistv5

Published

2016-12-28 07:42

Modified

2024-08-06 02:59

Severity ?

Summary

Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel before 4.5.1 allow local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations.

References

▼	URL	Tags
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2e83b79b2d6c78bf1b4aa227938a214dcbddc83f	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2669	vendor-advisory, x_refsource_REDHAT
	https://github.com/torvalds/linux/commit/2e83b79b2d6c78bf1b4aa227938a214dcbddc83f	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/94593	vdb-entry, x_refsource_BID
	https://access.redhat.com/errata/RHSA-2017:2077	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:1842	vendor-advisory, x_refsource_REDHAT
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=1396941	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2016/11/30/1	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T02:59:03.351Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2e83b79b2d6c78bf1b4aa227938a214dcbddc83f",
               },
               {
                  name: "RHSA-2017:2669",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2669",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/2e83b79b2d6c78bf1b4aa227938a214dcbddc83f",
               },
               {
                  name: "94593",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/94593",
               },
               {
                  name: "RHSA-2017:2077",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2077",
               },
               {
                  name: "RHSA-2017:1842",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1842",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1396941",
               },
               {
                  name: "[oss-security] 20161130 cve-request: linux kernel - memory leak in xfs attribute mechanism.",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/11/30/1",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-04-12T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel before 4.5.1 allow local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2e83b79b2d6c78bf1b4aa227938a214dcbddc83f",
            },
            {
               name: "RHSA-2017:2669",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2669",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/2e83b79b2d6c78bf1b4aa227938a214dcbddc83f",
            },
            {
               name: "94593",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/94593",
            },
            {
               name: "RHSA-2017:2077",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2077",
            },
            {
               name: "RHSA-2017:1842",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1842",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1396941",
            },
            {
               name: "[oss-security] 20161130 cve-request: linux kernel - memory leak in xfs attribute mechanism.",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/11/30/1",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2016-9685",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel before 4.5.1 allow local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2e83b79b2d6c78bf1b4aa227938a214dcbddc83f",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2e83b79b2d6c78bf1b4aa227938a214dcbddc83f",
                  },
                  {
                     name: "RHSA-2017:2669",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2669",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/2e83b79b2d6c78bf1b4aa227938a214dcbddc83f",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/2e83b79b2d6c78bf1b4aa227938a214dcbddc83f",
                  },
                  {
                     name: "94593",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/94593",
                  },
                  {
                     name: "RHSA-2017:2077",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2077",
                  },
                  {
                     name: "RHSA-2017:1842",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1842",
                  },
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1",
                     refsource: "CONFIRM",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.1",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1396941",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1396941",
                  },
                  {
                     name: "[oss-security] 20161130 cve-request: linux kernel - memory leak in xfs attribute mechanism.",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2016/11/30/1",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2016-9685",
      datePublished: "2016-12-28T07:42:00",
      dateReserved: "2016-11-30T00:00:00",
      dateUpdated: "2024-08-06T02:59:03.351Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-4580

Vulnerability from cvelistv5

Published

2016-05-23 10:00

Modified

2024-08-06 00:32

Severity ?

Summary

The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel before 4.5.5 does not properly initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory via an X.25 Call Request.

References

▼	URL	Tags
	http://www.openwall.com/lists/oss-security/2016/05/10/12	mailing-list, x_refsource_MLIST
	https://github.com/torvalds/linux/commit/79e48650320e6fba48369fccf13fd045315b19b8	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3017-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3017-3	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3018-2	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3021-2	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3017-2	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3019-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79e48650320e6fba48369fccf13fd045315b19b8	x_refsource_CONFIRM
	http://www.debian.org/security/2016/dsa-3607	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-3016-2	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3016-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3021-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3018-1	vendor-advisory, x_refsource_UBUNTU
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/90528	vdb-entry, x_refsource_BID
	http://www.ubuntu.com/usn/USN-3016-3	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3016-4	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3020-1	vendor-advisory, x_refsource_UBUNTU

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T00:32:25.837Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "[oss-security] 20160510 CVE Request: x25: a kernel infoleak in x25_negotiate_facilities()",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/05/10/12",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/79e48650320e6fba48369fccf13fd045315b19b8",
               },
               {
                  name: "USN-3017-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3017-1",
               },
               {
                  name: "SUSE-SU-2016:1985",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
               },
               {
                  name: "USN-3017-3",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3017-3",
               },
               {
                  name: "USN-3018-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3018-2",
               },
               {
                  name: "USN-3021-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3021-2",
               },
               {
                  name: "USN-3017-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3017-2",
               },
               {
                  name: "USN-3019-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3019-1",
               },
               {
                  name: "openSUSE-SU-2016:1641",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79e48650320e6fba48369fccf13fd045315b19b8",
               },
               {
                  name: "DSA-3607",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2016/dsa-3607",
               },
               {
                  name: "USN-3016-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3016-2",
               },
               {
                  name: "USN-3016-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3016-1",
               },
               {
                  name: "SUSE-SU-2016:1672",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
               },
               {
                  name: "USN-3021-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3021-1",
               },
               {
                  name: "USN-3018-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3018-1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5",
               },
               {
                  name: "90528",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/90528",
               },
               {
                  name: "USN-3016-3",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3016-3",
               },
               {
                  name: "USN-3016-4",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3016-4",
               },
               {
                  name: "USN-3020-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3020-1",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-05-10T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel before 4.5.5 does not properly initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory via an X.25 Call Request.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2016-11-25T20:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "[oss-security] 20160510 CVE Request: x25: a kernel infoleak in x25_negotiate_facilities()",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/05/10/12",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/79e48650320e6fba48369fccf13fd045315b19b8",
            },
            {
               name: "USN-3017-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3017-1",
            },
            {
               name: "SUSE-SU-2016:1985",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
            },
            {
               name: "USN-3017-3",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3017-3",
            },
            {
               name: "USN-3018-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3018-2",
            },
            {
               name: "USN-3021-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3021-2",
            },
            {
               name: "USN-3017-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3017-2",
            },
            {
               name: "USN-3019-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3019-1",
            },
            {
               name: "openSUSE-SU-2016:1641",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79e48650320e6fba48369fccf13fd045315b19b8",
            },
            {
               name: "DSA-3607",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2016/dsa-3607",
            },
            {
               name: "USN-3016-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3016-2",
            },
            {
               name: "USN-3016-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3016-1",
            },
            {
               name: "SUSE-SU-2016:1672",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
            },
            {
               name: "USN-3021-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3021-1",
            },
            {
               name: "USN-3018-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3018-1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5",
            },
            {
               name: "90528",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/90528",
            },
            {
               name: "USN-3016-3",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3016-3",
            },
            {
               name: "USN-3016-4",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3016-4",
            },
            {
               name: "USN-3020-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3020-1",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2016-4580",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel before 4.5.5 does not properly initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory via an X.25 Call Request.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "[oss-security] 20160510 CVE Request: x25: a kernel infoleak in x25_negotiate_facilities()",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2016/05/10/12",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/79e48650320e6fba48369fccf13fd045315b19b8",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/79e48650320e6fba48369fccf13fd045315b19b8",
                  },
                  {
                     name: "USN-3017-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3017-1",
                  },
                  {
                     name: "SUSE-SU-2016:1985",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
                  },
                  {
                     name: "USN-3017-3",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3017-3",
                  },
                  {
                     name: "USN-3018-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3018-2",
                  },
                  {
                     name: "USN-3021-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3021-2",
                  },
                  {
                     name: "USN-3017-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3017-2",
                  },
                  {
                     name: "USN-3019-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3019-1",
                  },
                  {
                     name: "openSUSE-SU-2016:1641",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79e48650320e6fba48369fccf13fd045315b19b8",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=79e48650320e6fba48369fccf13fd045315b19b8",
                  },
                  {
                     name: "DSA-3607",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2016/dsa-3607",
                  },
                  {
                     name: "USN-3016-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3016-2",
                  },
                  {
                     name: "USN-3016-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3016-1",
                  },
                  {
                     name: "SUSE-SU-2016:1672",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
                  },
                  {
                     name: "USN-3021-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3021-1",
                  },
                  {
                     name: "USN-3018-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3018-1",
                  },
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5",
                     refsource: "CONFIRM",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.5",
                  },
                  {
                     name: "90528",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/90528",
                  },
                  {
                     name: "USN-3016-3",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3016-3",
                  },
                  {
                     name: "USN-3016-4",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3016-4",
                  },
                  {
                     name: "USN-3020-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3020-1",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2016-4580",
      datePublished: "2016-05-23T10:00:00",
      dateReserved: "2016-05-11T00:00:00",
      dateUpdated: "2024-08-06T00:32:25.837Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2016-4578

Vulnerability from cvelistv5

Published

2016-05-23 10:00

Modified

2024-08-06 00:32

Severity ?

Summary

sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions.

References

▼	URL	Tags
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html	vendor-advisory, x_refsource_SUSE
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e4ec8cc8039a7063e24204299b462bd1383184a5	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3017-1	vendor-advisory, x_refsource_UBUNTU
	https://www.exploit-db.com/exploits/46529/	exploit, x_refsource_EXPLOIT-DB
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3017-3	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3018-2	vendor-advisory, x_refsource_UBUNTU
	https://github.com/torvalds/linux/commit/e4ec8cc8039a7063e24204299b462bd1383184a5	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3021-2	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3017-2	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.redhat.com/show_bug.cgi?id=1335215	x_refsource_CONFIRM
	http://rhn.redhat.com/errata/RHSA-2016-2584.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2016-2574.html	vendor-advisory, x_refsource_REDHAT
	http://www.ubuntu.com/usn/USN-3019-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://www.debian.org/security/2016/dsa-3607	vendor-advisory, x_refsource_DEBIAN
	http://www.securityfocus.com/bid/90535	vdb-entry, x_refsource_BID
	http://www.ubuntu.com/usn/USN-3016-2	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3016-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3021-1	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3018-1	vendor-advisory, x_refsource_UBUNTU
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a47e9cff994f37f7f0dbd9ae23740d0f64f9fe6	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2016/05/11/5	mailing-list, x_refsource_MLIST
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html	vendor-advisory, x_refsource_SUSE
	http://www.ubuntu.com/usn/USN-3016-3	vendor-advisory, x_refsource_UBUNTU
	https://github.com/torvalds/linux/commit/9a47e9cff994f37f7f0dbd9ae23740d0f64f9fe6	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3016-4	vendor-advisory, x_refsource_UBUNTU
	http://www.ubuntu.com/usn/USN-3020-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html	vendor-advisory, x_refsource_SUSE

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-06T00:32:25.830Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "SUSE-SU-2016:1690",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e4ec8cc8039a7063e24204299b462bd1383184a5",
               },
               {
                  name: "USN-3017-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3017-1",
               },
               {
                  name: "46529",
                  tags: [
                     "exploit",
                     "x_refsource_EXPLOIT-DB",
                     "x_transferred",
                  ],
                  url: "https://www.exploit-db.com/exploits/46529/",
               },
               {
                  name: "SUSE-SU-2016:1985",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
               },
               {
                  name: "USN-3017-3",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3017-3",
               },
               {
                  name: "openSUSE-SU-2016:2184",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
               },
               {
                  name: "USN-3018-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3018-2",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/e4ec8cc8039a7063e24204299b462bd1383184a5",
               },
               {
                  name: "USN-3021-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3021-2",
               },
               {
                  name: "USN-3017-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3017-2",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1335215",
               },
               {
                  name: "RHSA-2016:2584",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2584.html",
               },
               {
                  name: "RHSA-2016:2574",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "http://rhn.redhat.com/errata/RHSA-2016-2574.html",
               },
               {
                  name: "USN-3019-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3019-1",
               },
               {
                  name: "openSUSE-SU-2016:1641",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html",
               },
               {
                  name: "DSA-3607",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2016/dsa-3607",
               },
               {
                  name: "90535",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/90535",
               },
               {
                  name: "USN-3016-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3016-2",
               },
               {
                  name: "USN-3016-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3016-1",
               },
               {
                  name: "SUSE-SU-2016:1672",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
               },
               {
                  name: "USN-3021-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3021-1",
               },
               {
                  name: "USN-3018-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3018-1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a47e9cff994f37f7f0dbd9ae23740d0f64f9fe6",
               },
               {
                  name: "[oss-security] 20160511 Re: CVE Request: alsa: kernel information leak vulnerability in Linux sound/core/timer",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2016/05/11/5",
               },
               {
                  name: "SUSE-SU-2016:2105",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
               },
               {
                  name: "USN-3016-3",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3016-3",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/9a47e9cff994f37f7f0dbd9ae23740d0f64f9fe6",
               },
               {
                  name: "USN-3016-4",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3016-4",
               },
               {
                  name: "USN-3020-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3020-1",
               },
               {
                  name: "SUSE-SU-2016:1937",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2016-05-11T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2019-03-12T09:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "SUSE-SU-2016:1690",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e4ec8cc8039a7063e24204299b462bd1383184a5",
            },
            {
               name: "USN-3017-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3017-1",
            },
            {
               name: "46529",
               tags: [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
               ],
               url: "https://www.exploit-db.com/exploits/46529/",
            },
            {
               name: "SUSE-SU-2016:1985",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
            },
            {
               name: "USN-3017-3",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3017-3",
            },
            {
               name: "openSUSE-SU-2016:2184",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
            },
            {
               name: "USN-3018-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3018-2",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/e4ec8cc8039a7063e24204299b462bd1383184a5",
            },
            {
               name: "USN-3021-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3021-2",
            },
            {
               name: "USN-3017-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3017-2",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1335215",
            },
            {
               name: "RHSA-2016:2584",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2584.html",
            },
            {
               name: "RHSA-2016:2574",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "http://rhn.redhat.com/errata/RHSA-2016-2574.html",
            },
            {
               name: "USN-3019-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3019-1",
            },
            {
               name: "openSUSE-SU-2016:1641",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html",
            },
            {
               name: "DSA-3607",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2016/dsa-3607",
            },
            {
               name: "90535",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/90535",
            },
            {
               name: "USN-3016-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3016-2",
            },
            {
               name: "USN-3016-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3016-1",
            },
            {
               name: "SUSE-SU-2016:1672",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
            },
            {
               name: "USN-3021-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3021-1",
            },
            {
               name: "USN-3018-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3018-1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a47e9cff994f37f7f0dbd9ae23740d0f64f9fe6",
            },
            {
               name: "[oss-security] 20160511 Re: CVE Request: alsa: kernel information leak vulnerability in Linux sound/core/timer",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2016/05/11/5",
            },
            {
               name: "SUSE-SU-2016:2105",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
            },
            {
               name: "USN-3016-3",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3016-3",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/9a47e9cff994f37f7f0dbd9ae23740d0f64f9fe6",
            },
            {
               name: "USN-3016-4",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3016-4",
            },
            {
               name: "USN-3020-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3020-1",
            },
            {
               name: "SUSE-SU-2016:1937",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2016-4578",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_timer_user_ccallback and (2) snd_timer_user_tinterrupt functions.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "SUSE-SU-2016:1690",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e4ec8cc8039a7063e24204299b462bd1383184a5",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e4ec8cc8039a7063e24204299b462bd1383184a5",
                  },
                  {
                     name: "USN-3017-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3017-1",
                  },
                  {
                     name: "46529",
                     refsource: "EXPLOIT-DB",
                     url: "https://www.exploit-db.com/exploits/46529/",
                  },
                  {
                     name: "SUSE-SU-2016:1985",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html",
                  },
                  {
                     name: "USN-3017-3",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3017-3",
                  },
                  {
                     name: "openSUSE-SU-2016:2184",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html",
                  },
                  {
                     name: "USN-3018-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3018-2",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/e4ec8cc8039a7063e24204299b462bd1383184a5",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/e4ec8cc8039a7063e24204299b462bd1383184a5",
                  },
                  {
                     name: "USN-3021-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3021-2",
                  },
                  {
                     name: "USN-3017-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3017-2",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1335215",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1335215",
                  },
                  {
                     name: "RHSA-2016:2584",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2016-2584.html",
                  },
                  {
                     name: "RHSA-2016:2574",
                     refsource: "REDHAT",
                     url: "http://rhn.redhat.com/errata/RHSA-2016-2574.html",
                  },
                  {
                     name: "USN-3019-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3019-1",
                  },
                  {
                     name: "openSUSE-SU-2016:1641",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html",
                  },
                  {
                     name: "DSA-3607",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2016/dsa-3607",
                  },
                  {
                     name: "90535",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/90535",
                  },
                  {
                     name: "USN-3016-2",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3016-2",
                  },
                  {
                     name: "USN-3016-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3016-1",
                  },
                  {
                     name: "SUSE-SU-2016:1672",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html",
                  },
                  {
                     name: "USN-3021-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3021-1",
                  },
                  {
                     name: "USN-3018-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3018-1",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a47e9cff994f37f7f0dbd9ae23740d0f64f9fe6",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9a47e9cff994f37f7f0dbd9ae23740d0f64f9fe6",
                  },
                  {
                     name: "[oss-security] 20160511 Re: CVE Request: alsa: kernel information leak vulnerability in Linux sound/core/timer",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2016/05/11/5",
                  },
                  {
                     name: "SUSE-SU-2016:2105",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html",
                  },
                  {
                     name: "USN-3016-3",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3016-3",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/9a47e9cff994f37f7f0dbd9ae23740d0f64f9fe6",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/9a47e9cff994f37f7f0dbd9ae23740d0f64f9fe6",
                  },
                  {
                     name: "USN-3016-4",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3016-4",
                  },
                  {
                     name: "USN-3020-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3020-1",
                  },
                  {
                     name: "SUSE-SU-2016:1937",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2016-4578",
      datePublished: "2016-05-23T10:00:00",
      dateReserved: "2016-05-11T00:00:00",
      dateUpdated: "2024-08-06T00:32:25.830Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

Vulnerability from csaf_suse

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature