csaf_suse - suse-su-2017:2908-1

Vulnerability from csaf_suse

Published

2017-10-30 15:09

Modified

2017-10-30 15:09

Summary

Security update for the Linux Kernel

Notes

Title of the patch

Security update for the Linux Kernel

Description of the patch

The SUSE Linux Enterprise 12 SP1 LTS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-15649: net/packet/af_packet.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346 (bnc#1064388). - CVE-2017-13080: Wi-Fi Protected Access (WPA and WPA2) allowed reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients (bnc#1063667). - CVE-2017-15274: security/keys/keyctl.c in the Linux kernel did not consider the case of a NULL payload in conjunction with a nonzero length value, which allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192 (bnc#1045327). - CVE-2017-15265: Use-after-free vulnerability in the Linux kernel allowed local users to have unspecified impact via vectors related to /dev/snd/seq (bnc#1062520). - CVE-2017-1000365: The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but did not take the argument and environment pointers into account, which allowed attackers to bypass this limitation. (bnc#1039354). - CVE-2017-12153: A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel This function did not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash (bnc#1058410). - CVE-2017-12154: The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel did not ensure that the 'CR8-load exiting' and 'CR8-store exiting' L0 vmcs02 controls exist in cases where L1 omits the 'use TPR shadow' vmcs12 control, which allowed KVM L2 guest OS users to obtain read and write access to the hardware CR8 register (bnc#1058507). - CVE-2017-14106: The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel allowed local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path (bnc#1056982). - CVE-2017-14140: The move_pages system call in mm/migrate.c in the Linux kernel doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR (bnc#1057179). - CVE-2017-14051: An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel allowed local users to cause a denial of service (memory corruption and system crash) by leveraging root access (bnc#1056588). - CVE-2017-10661: Race condition in fs/timerfd.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing (bnc#1053152). - CVE-2017-12762: In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. (bnc#1053148). - CVE-2017-8831: The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a 'double fetch' vulnerability (bnc#1037994). - CVE-2017-7482: A potential memory corruption was fixed in decoding of krb5 principals in the kernels kerberos handling. (bnc#1046107). - CVE-2017-7542: The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel allowed local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket (bnc#1049882). - CVE-2017-11176: The mq_notify function in the Linux kernel did not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allowed attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact (bnc#1048275). - CVE-2017-7541: The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel allowed local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet (bnc#1049645). - CVE-2017-7518: The Linux kernel was vulnerable to an incorrect debug exception(#DB) error. It could occur while emulating a syscall instruction and potentially lead to guest privilege escalation. (bsc#1045922). - CVE-2017-8924: The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel allowed local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow (bnc#1037182 bsc#1038982). - CVE-2017-8925: The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel allowed local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling (bnc#1037183 bsc#1038981). - CVE-2017-1000380: sound/core/timer.c in the Linux kernel was vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents might have been disclosed when a read and an ioctl happen at the same time (bnc#1044125). - CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bnc#1041431). - CVE-2017-1000363: Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line adversary (could happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, where due to a vulnerability the adversary has partial control over the command line) could overflow the parport_nr array in the following code, by appending many (>LP_NO) 'lp=none' arguments to the command line (bnc#1039456). - CVE-2017-9076: The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039885). - CVE-2017-9077: The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1040069). - CVE-2017-9075: The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039883). - CVE-2017-9074: The IPv6 fragmentation implementation in the Linux kernel did not consider that the nexthdr field may be associated with an invalid option, which allowed local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls (bnc#1039882). - CVE-2017-7487: The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel mishandled reference counts, which allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface (bnc#1038879). - CVE-2017-8890: The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call (bnc#1038544). - CVE-2017-7889: The mm subsystem in the Linux kernel did not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allowed local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c (bnc#1034405). The following new features were implemented: - the r8152 network driver was updated to support Realtek RTL8152/RTL8153 Based USB Ethernet Adapters (fate#321482) The following non-security bugs were fixed: - blkback/blktap: do not leak stack data via response ring (bsc#1042863 XSA-216). - btrfs: Add WARN_ON for qgroup reserved underflow (bsc#1031515). - btrfs: Do not clear SGID when inheriting ACLs (bsc#1030552). - btrfs: Check qgroup level in kernel qgroup assign (bsc#1001459). - btrfs: qgroup: allow to remove qgroup which has parent but no child (bsc#1001459). - btrfs: quota: Automatically update related qgroups or mark INCONSISTENT flags when assigning/deleting a qgroup relations (bsc#1001459). - ceph: Correctly return NXIO errors from ceph_llseek (git-fixes). - ceph: fix file open flags on ppc64 (git-fixes). - ceph: check i_nlink while converting a file handle to dentry (bsc#1039864). - drivers/net: delete non-required instances of include <linux/init.h> (bsc#993099). - drivers/net/usb: add device id for NVIDIA Tegra USB 3.0 Ethernet (bsc#993099). - drivers/net/usb: Add support for 'Lenovo OneLink Pro Dock' (bsc#993099). - enic: set skb->hash type properly (bsc#922871). - ext2: Do not clear SGID when inheriting ACLs (bsc#1030552). - ext4: Do not clear SGID when inheriting ACLs (bsc#1030552). - firmware: dmi_scan: Fix ordering of product_uuid (bsc#1030531). - fm10k: correctly check if interface is removed (bsc#922855). - fs/block_dev: always invalidate cleancache in invalidate_bdev() (git-fixes). - fs: fix data invalidation in the cleancache during direct IO (git-fixes). - fs/xattr.c: zero out memory copied to userspace in getxattr (git-fixes). - hv: vmbus: Raise retry/wait limits in vmbus_post_msg() (bsc#1023287, bsc#1028217, bsc#1048788). - jhash: Update jhash_[321]words functions to use correct initval (git-fixes). - kABI: mask an include (bsc#994364). - md: ensure md devices are freed before module is unloaded (git-fixes). - md/raid0: apply base queue limits *before* disk_stack_limits (git-fixes). - md/raid0: update queue parameter in a safer location (git-fixes). - md/raid1: do not clear bitmap bit when bad-block-list write fails (git-fixes). - md/raid10: do not clear bitmap bit when bad-block-list write fails (git-fixes). - md/raid10: ensure device failure recorded before write request returns (git-fixes). - mlock: fix mlock count can not decrease in race condition (VM Functionality, bsc#1042696). - mlx: Revert the mlx5e_tx_notify_hw() changes.(bsc#1033960) - mm/huge_memory: replace VM_NO_THP VM_BUG_ON with actual VMA check (VM Functionality, bsc#1042832). - mm: hugetlb: call huge_pte_alloc() only if ptep is null (VM Functionality, bsc#1042832). - mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack (bnc#1039348). - netfilter: bridge: Fix the build when IPV6 is disabled (bsc#1027149). - net: get rid of SET_ETHTOOL_OPS (bsc#993099). - net/usb/r8152: add device id for Lenovo TP USB 3.0 Ethernet (bsc#993099). - netvsc: get rid of completion timeouts (bsc#1048788). - nfs v4.1: Fix Oopsable condition in server callback races (git-fixes). - ocfs2: Do not clear SGID when inheriting ACLs (bsc#1030552). - pid_ns: Sleep in TASK_INTERRUPTIBLE in zap_pid_ns_processes (bnc#1012985). - powerpc: Add missing error check to prom_find_boot_cpu() (bnc#856774). - powerpc/book3s: Fix MCE console messages for unrecoverable MCE (bnc#878240). - powerpc/bpf/jit: Disable classic BPF JIT on ppc64le (bsc#1041429, [2017-05-29] Pending SUSE Kernel Fixes). - powerpc: Fix bad inline asm constraint in create_zero_mask() (bnc#856774). - powerpc/64: Fix flush_(d|i)cache_range() called from modules (bnc#863764). - printk: prevent userland from spoofing kernel messages (bsc#1039721). - reiserfs: Do not clear SGID when inheriting ACLs (bsc#1030552). - rtl8152: correct speed testing (bsc#993099). - r8152: add functions to set EEE (bsc#993099). - r8152: add MODULE_VERSION (bsc#993099). - r8152: add mutex for hw settings (bsc#993099). - r8152: add pre_reset and post_reset (bsc#993099). - r8152: add reset_resume function (bsc#993099). - r8152: add rtl_ops (bsc#993099). - r8152: add skb_cow_head (bsc#993099). - r8152: add three functions (bsc#993099). - r8152: adjust ALDPS function (bsc#993099). - r8152: adjust lpm timer (bsc#993099). - r8152: adjust rtl_start_rx (bsc#993099). - r8152: adjust rx_bottom (bsc#993099). - r8152: adjust r8152_submit_rx (bsc#993099). - r8152: adjust the line feed for hw_features (bsc#993099). - r8152: adjust usb_autopm_xxx (bsc#993099). - r8152: autoresume before setting feature (bsc#993099). - r8152: autoresume before setting MAC address (bsc#993099). - r8152: calculate the dropped packets for rx (bsc#993099). - r8152: call rtl_start_rx after netif_carrier_on (bsc#993099). - r8152: clear BMCR_PDOWN (bsc#993099). - r8152: clear LINK_OFF_WAKE_EN after autoresume (bsc#993099). - r8152: clear SELECTIVE_SUSPEND when autoresuming (bsc#993099). - r8152: clear the flag of SCHEDULE_TASKLET in tasklet (bsc#993099). - r8152: combine PHY reset with set_speed (bsc#993099). - r8152: constify ethtool_ops structures (bsc#993099). - r8152: correct some messages (bsc#993099). - r8152: correct the rx early size (bsc#993099). - r8152: deal with the empty line and space (bsc#993099). - r8152: disable ALDPS and EEE before setting PHY (bsc#993099). - r8152: disable ALDPS (bsc#993099). - r8152: disable MAC clock speed down (bsc#993099). - r8152: disable power cut for RTL8153 (bsc#993099). - r8152: disable teredo for RTL8152 (bsc#993099). - r8152: disable the capability of zero length (bsc#993099). - r8152: disable the ECM mode (bsc#993099). - r8152: disable the tasklet by default (bsc#993099). - r8152: do not enable napi before rx ready (bsc#993099). - r8152: ecm and vendor modes coexist (bsc#993099). - r8152: fix incorrect type in assignment (bsc#993099). - r8152: fix lockup when runtime PM is enabled (bsc#993099). - r8152: fix runtime function for RTL8152 (bsc#993099). - r8152: fix r8152_csum_workaround function (bsc#993099). - r8152: fix setting RTL8152_UNPLUG (bsc#993099). - r8152: fix the carrier off when autoresuming (bsc#993099). - r8152: fix the checking of the usb speed (bsc#993099). - r8152: fix the issue about U1/U2 (bsc#993099). - r8152: fix the runtime suspend issues (bsc#993099). - r8152: fix the submission of the interrupt transfer (bsc#993099). - r8152: fix the wake event (bsc#993099). - r8152: fix the warnings and a error from checkpatch.pl (bsc#993099). - r8152: fix the wrong return value (bsc#993099). - r8152: fix tx/rx memory overflow (bsc#993099). - r8152: fix wakeup settings (bsc#993099). - r8152: change rx early size when the mtu is changed (bsc#993099). - r8152: change some definitions (bsc#993099). - r8152: change the descriptor (bsc#993099). - r8152: change the EEE definition (bsc#993099). - r8152: change the location of rtl8152_set_mac_address (bsc#993099). - r8152: check code with checkpatch.pl (bsc#993099). - r8152: check linking status with netif_carrier_ok (bsc#993099). - r8152: check RTL8152_UNPLUG and netif_running before autoresume (bsc#993099). - r8152: check RTL8152_UNPLUG (bsc#993099). - r8152: check RTL8152_UNPLUG for rtl8152_close (bsc#993099). - r8152: check the status before submitting rx (bsc#993099). - r8152: check tx agg list before spin lock (bsc#993099). - r8152: check WORK_ENABLE in suspend function (bsc#993099). - r8152: increase the tx timeout (bsc#993099). - r8152: load the default MAC address (bsc#993099). - r8152: modify rtl_ops_init (bsc#993099). - r8152: modify the check of the flag of PHY_RESET in set_speed function (bsc#993099). - r8152: modify the method of accessing PHY (bsc#993099). - r8152: modify the tx flow (bsc#993099). - r8152: move enabling PHY (bsc#993099). - r8152: move PHY settings to hw_phy_cfg (bsc#993099). - r8152: move rtl8152_unload and ocp_reg_write (bsc#993099). - r8152: move r8152b_get_version (bsc#993099). - r8152: move some functions (bsc#993099). - r8152: move some functions (bsc#993099). - r8152: move some functions from probe to open (bsc#993099). - r8152: move the actions of saving the information of the device (bsc#993099). - r8152: move the setting for the default speed (bsc#993099). - r8152: move the settings of PHY to a work queue (bsc#993099). - r8152: nway reset after setting eee (bsc#993099). - r8152: redefine REALTEK_USB_DEVICE (bsc#993099). - r8152: reduce the frequency of spin_lock (bsc#993099). - r8152: reduce the number of Tx (bsc#993099). - r8152: remove a netif_carrier_off in rtl8152_open function (bsc#993099). - r8152: remove cancel_delayed_work_sync in rtl8152_set_speed (bsc#993099). - r8152: remove clearing bp (bsc#993099). - r8152: remove generic_ocp_read before writing (bsc#993099). - r8152: remove rtl_phy_reset function (bsc#993099). - r8152: remove rtl8152_get_stats (bsc#993099). - r8152: remove r8153_enable_eee (bsc#993099). - r8152: remove sram_read (bsc#993099). - r8152: remove the definitions of the PID (bsc#993099). - r8152: remove the duplicate init for the list of rx_done (bsc#993099). - r8152: remove the setting of LAN_WAKE_EN (bsc#993099). - r8152: rename rx_buf_sz (bsc#993099). - r8152: rename tx_underun (bsc#993099). - r8152: replace get_protocol with vlan_get_protocol (bsc#993099). - r8152: replace netdev_alloc_skb_ip_align with napi_alloc_skb (bsc#993099). - r8152: replace netif_rx with netif_receive_skb (bsc#993099). - r8152: replace some tabs with spaces (bsc#993099). - r8152: replace some types from int to bool (bsc#993099). - r8152: replace spin_lock_irqsave and spin_unlock_irqrestore (bsc#993099). - r8152: replace strncpy with strlcpy (bsc#993099). - r8152: replace tasklet with NAPI (bsc#993099). - r8152: replace the return value of rtl_ops_init (bsc#993099). - r8152: replace tp->netdev with netdev (bsc#993099). - r8152: reset device when tx timeout (bsc#993099). - r8152: reset the bmu (bsc#993099). - r8152: reset tp->speed before autoresuming in open function (bsc#993099). - r8152: restore hw settings (bsc#993099). - r8152: return -EBUSY for runtime suspend (bsc#993099). - r8152: save the speed (bsc#993099). - r8152: separate USB_RX_EARLY_AGG (bsc#993099). - r8152: set disable_hub_initiated_lpm (bsc#993099). - r8152: set RTL8152_UNPLUG when finding -ENODEV (bsc#993099). - r8152: split DRIVER_VERSION (bsc#993099). - r8152: split rtl8152_enable (bsc#993099). - r8152: stop submitting intr for -EPROTO (bsc#993099). - r8152: support dumping the hw counters (bsc#993099). - r8152: support ethtool eee (bsc#993099). - r8152: support get_msglevel and set_msglevel (bsc#993099). - r8152: support IPv6 (bsc#993099). - r8152: support jumbo frame for RTL8153 (bsc#993099). - r8152: support nway_reset of ethtool (bsc#993099). - r8152: support RTL8153 (bsc#993099). - r8152: support runtime suspend (bsc#993099). - r8152: support rx checksum (bsc#993099). - r8152: support setting rx coalesce (bsc#993099). - r8152: support stopping/waking tx queue (bsc#993099). - r8152: support the new RTL8153 chip (bsc#993099). - r8152: support TSO (bsc#993099). - r8152: support VLAN (bsc#993099). - r8152: support WOL (bsc#993099). - r8152: up the priority of the transmission (bsc#993099). - r8152: use BIT macro (bsc#993099). - r8152: use eth_hw_addr_random (bsc#993099). - r8152: Use kmemdup instead of kmalloc + memcpy (bsc#993099). - r8152: use test_and_clear_bit (bsc#993099). - r8152: use usleep_range (bsc#993099). - r8152: wake up the device before dumping the hw counter (bsc#993099). - scsi: qla2xxx: Get mutex lock before checking optrom_state (bsc#1053317). - sched/fair: Fix min_vruntime tracking (bnc#1012985). - sched/loadavg: Fix loadavg artifacts on fully idle and on fully loaded systems (bnc#1012985). - sched/rt: Fix PI handling vs. sched_setscheduler() (bnc#1012985). - sunrpc: Update RPCBIND_MAXNETIDLEN (git-fixes). - syscall: fix dereferencing NULL payload with nonzero length (bsc#1045327, bsc#1062471). - tcp: do not inherit fastopen_req from parent (bsc#1038544). - timekeeping: Ignore the bogus sleep time if pm_trace is enabled (bsc#994364). - tracing/kprobes: Enforce kprobes teardown after testing (bnc#1012985). - usb: wusbcore: fix NULL-deref at probe (bsc#1045487). - xen: Linux 3.12.74. - xen/PCI-MSI: fix sysfs teardown in DomU (bsc#986924). - xfs: fix a couple error sequence jumps in xfs_mountfs() (bsc#1035531). - xfs: fix coccinelle warnings (bsc#1035531). - xfs: handle error if xfs_btree_get_bufs fails (bsc#1059863). - xfs: use ->b_state to fix buffer I/O accounting release race (bsc#1041160) (bsc#1041160). - xfs: XFS_IS_REALTIME_INODE() should be false if no rt device present (bsc#1058524).

Patchnames

SUSE-OpenStack-Cloud-6-2017-1799,SUSE-SLE-Module-Public-Cloud-12-2017-1799,SUSE-SLE-SAP-12-SP1-2017-1799,SUSE-SLE-SERVER-12-SP1-2017-1799

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         namespace: "https://www.suse.com/support/security/rating/",
         text: "important",
      },
      category: "csaf_security_advisory",
      csaf_version: "2.0",
      distribution: {
         text: "Copyright 2024 SUSE LLC. All rights reserved.",
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "en",
      notes: [
         {
            category: "summary",
            text: "Security update for the Linux Kernel",
            title: "Title of the patch",
         },
         {
            category: "description",
            text: "\n\nThe SUSE Linux Enterprise 12 SP1 LTS kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2017-15649: net/packet/af_packet.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346 (bnc#1064388).\n- CVE-2017-13080: Wi-Fi Protected Access (WPA and WPA2) allowed reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients (bnc#1063667).\n- CVE-2017-15274: security/keys/keyctl.c in the Linux kernel did not consider the case of a NULL payload in conjunction with a nonzero length value, which allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192 (bnc#1045327).\n- CVE-2017-15265: Use-after-free vulnerability in the Linux kernel allowed local users to have unspecified impact via vectors related to /dev/snd/seq (bnc#1062520).\n- CVE-2017-1000365: The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but did not take the argument and environment pointers into account, which allowed attackers to bypass this limitation. (bnc#1039354).\n- CVE-2017-12153: A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel This function did not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash (bnc#1058410).\n- CVE-2017-12154: The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel did not ensure that the 'CR8-load exiting' and 'CR8-store exiting' L0 vmcs02 controls exist in cases where L1 omits the 'use TPR shadow' vmcs12 control, which allowed KVM L2 guest OS users to obtain read and write access to the hardware CR8 register (bnc#1058507).\n- CVE-2017-14106: The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel allowed local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path (bnc#1056982).\n- CVE-2017-14140: The move_pages system call in mm/migrate.c in the Linux kernel doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR (bnc#1057179).\n- CVE-2017-14051: An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel allowed local users to cause a denial of service (memory corruption and system crash) by leveraging root access (bnc#1056588).\n- CVE-2017-10661: Race condition in fs/timerfd.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing (bnc#1053152).\n- CVE-2017-12762: In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. (bnc#1053148).\n- CVE-2017-8831: The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a 'double fetch' vulnerability (bnc#1037994).\n- CVE-2017-7482: A potential memory corruption was fixed in decoding of krb5 principals in the kernels kerberos handling. (bnc#1046107).\n- CVE-2017-7542: The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel allowed local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket (bnc#1049882).\n- CVE-2017-11176: The mq_notify function in the Linux kernel did not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allowed attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact (bnc#1048275).\n- CVE-2017-7541: The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel allowed local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet (bnc#1049645).\n- CVE-2017-7518: The Linux kernel was vulnerable to an incorrect debug exception(#DB) error. It could occur while emulating a syscall instruction and potentially lead to guest privilege escalation. (bsc#1045922).\n- CVE-2017-8924: The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel allowed local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow (bnc#1037182 bsc#1038982).\n- CVE-2017-8925: The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel allowed local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling (bnc#1037183 bsc#1038981).\n- CVE-2017-1000380: sound/core/timer.c in the Linux kernel was vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents might have been disclosed when a read and an ioctl happen at the same time (bnc#1044125).\n- CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bnc#1041431).\n- CVE-2017-1000363: Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line adversary (could happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, where due to a vulnerability the adversary has partial control over the command line) could overflow the parport_nr array in the following code, by appending many (>LP_NO) 'lp=none' arguments to the command line (bnc#1039456).\n- CVE-2017-9076: The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039885).\n- CVE-2017-9077: The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1040069).\n- CVE-2017-9075: The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039883).\n- CVE-2017-9074: The IPv6 fragmentation implementation in the Linux kernel did not consider that the nexthdr field may be associated with an invalid option, which allowed local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls (bnc#1039882).\n- CVE-2017-7487: The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel mishandled reference counts, which allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface (bnc#1038879).\n- CVE-2017-8890: The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call (bnc#1038544).\n- CVE-2017-7889: The mm subsystem in the Linux kernel did not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allowed local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c (bnc#1034405).\n\nThe following new features were implemented:\n- the r8152 network driver was updated to support Realtek RTL8152/RTL8153 Based USB Ethernet Adapters (fate#321482)\n\nThe following non-security bugs were fixed:\n\n- blkback/blktap: do not leak stack data via response ring (bsc#1042863 XSA-216).\n- btrfs: Add WARN_ON for qgroup reserved underflow (bsc#1031515).\n- btrfs: Do not clear SGID when inheriting ACLs (bsc#1030552).\n- btrfs: Check qgroup level in kernel qgroup assign (bsc#1001459).\n- btrfs: qgroup: allow to remove qgroup which has parent but no child (bsc#1001459).\n- btrfs: quota: Automatically update related qgroups or mark INCONSISTENT flags when assigning/deleting a qgroup relations (bsc#1001459).\n- ceph: Correctly return NXIO errors from ceph_llseek (git-fixes).\n- ceph: fix file open flags on ppc64 (git-fixes).\n- ceph: check i_nlink while converting a file handle to dentry (bsc#1039864).\n- drivers/net: delete non-required instances of include &lt;linux/init.h&gt; (bsc#993099).\n- drivers/net/usb: add device id for NVIDIA Tegra USB 3.0 Ethernet (bsc#993099).\n- drivers/net/usb: Add support for 'Lenovo OneLink Pro Dock' (bsc#993099).\n- enic: set skb-&gt;hash type properly (bsc#922871).\n- ext2: Do not clear SGID when inheriting ACLs (bsc#1030552).\n- ext4: Do not clear SGID when inheriting ACLs (bsc#1030552).\n- firmware: dmi_scan: Fix ordering of product_uuid (bsc#1030531).\n- fm10k: correctly check if interface is removed (bsc#922855).\n- fs/block_dev: always invalidate cleancache in invalidate_bdev() (git-fixes).\n- fs: fix data invalidation in the cleancache during direct IO (git-fixes).\n- fs/xattr.c: zero out memory copied to userspace in getxattr (git-fixes).\n- hv: vmbus: Raise retry/wait limits in vmbus_post_msg() (bsc#1023287, bsc#1028217, bsc#1048788).\n- jhash: Update jhash_[321]words functions to use correct initval (git-fixes).\n- kABI: mask an include (bsc#994364).\n- md: ensure md devices are freed before module is unloaded (git-fixes).\n- md/raid0: apply base queue limits *before* disk_stack_limits (git-fixes).\n- md/raid0: update queue parameter in a safer location (git-fixes).\n- md/raid1: do not clear bitmap bit when bad-block-list write fails (git-fixes).\n- md/raid10: do not clear bitmap bit when bad-block-list write fails (git-fixes).\n- md/raid10: ensure device failure recorded before write request returns (git-fixes).\n- mlock: fix mlock count can not decrease in race condition (VM Functionality, bsc#1042696).\n- mlx: Revert the mlx5e_tx_notify_hw() changes.(bsc#1033960)\n- mm/huge_memory: replace VM_NO_THP VM_BUG_ON with actual VMA check (VM Functionality, bsc#1042832).\n- mm: hugetlb: call huge_pte_alloc() only if ptep is null (VM Functionality, bsc#1042832).\n- mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack (bnc#1039348).\n- netfilter: bridge: Fix the build when IPV6 is disabled (bsc#1027149).\n- net: get rid of SET_ETHTOOL_OPS (bsc#993099).\n- net/usb/r8152: add device id for Lenovo TP USB 3.0 Ethernet (bsc#993099).\n- netvsc: get rid of completion timeouts (bsc#1048788).\n- nfs v4.1: Fix Oopsable condition in server callback races (git-fixes).\n- ocfs2: Do not clear SGID when inheriting ACLs (bsc#1030552).\n- pid_ns: Sleep in TASK_INTERRUPTIBLE in zap_pid_ns_processes (bnc#1012985).\n- powerpc: Add missing error check to prom_find_boot_cpu() (bnc#856774).\n- powerpc/book3s: Fix MCE console messages for unrecoverable MCE (bnc#878240).\n- powerpc/bpf/jit: Disable classic BPF JIT on ppc64le (bsc#1041429, [2017-05-29] Pending SUSE Kernel Fixes).\n- powerpc: Fix bad inline asm constraint in create_zero_mask() (bnc#856774).\n- powerpc/64: Fix flush_(d|i)cache_range() called from modules (bnc#863764).\n- printk: prevent userland from spoofing kernel messages (bsc#1039721).\n- reiserfs: Do not clear SGID when inheriting ACLs (bsc#1030552).\n- rtl8152: correct speed testing (bsc#993099).\n- r8152: add functions to set EEE (bsc#993099).\n- r8152: add MODULE_VERSION (bsc#993099).\n- r8152: add mutex for hw settings (bsc#993099).\n- r8152: add pre_reset and post_reset (bsc#993099).\n- r8152: add reset_resume function (bsc#993099).\n- r8152: add rtl_ops (bsc#993099).\n- r8152: add skb_cow_head (bsc#993099).\n- r8152: add three functions (bsc#993099).\n- r8152: adjust ALDPS function (bsc#993099).\n- r8152: adjust lpm timer (bsc#993099).\n- r8152: adjust rtl_start_rx (bsc#993099).\n- r8152: adjust rx_bottom (bsc#993099).\n- r8152: adjust r8152_submit_rx (bsc#993099).\n- r8152: adjust the line feed for hw_features (bsc#993099).\n- r8152: adjust usb_autopm_xxx (bsc#993099).\n- r8152: autoresume before setting feature (bsc#993099).\n- r8152: autoresume before setting MAC address (bsc#993099).\n- r8152: calculate the dropped packets for rx (bsc#993099).\n- r8152: call rtl_start_rx after netif_carrier_on (bsc#993099).\n- r8152: clear BMCR_PDOWN (bsc#993099).\n- r8152: clear LINK_OFF_WAKE_EN after autoresume (bsc#993099).\n- r8152: clear SELECTIVE_SUSPEND when autoresuming (bsc#993099).\n- r8152: clear the flag of SCHEDULE_TASKLET in tasklet (bsc#993099).\n- r8152: combine PHY reset with set_speed (bsc#993099).\n- r8152: constify ethtool_ops structures (bsc#993099).\n- r8152: correct some messages (bsc#993099).\n- r8152: correct the rx early size (bsc#993099).\n- r8152: deal with the empty line and space (bsc#993099).\n- r8152: disable ALDPS and EEE before setting PHY (bsc#993099).\n- r8152: disable ALDPS (bsc#993099).\n- r8152: disable MAC clock speed down (bsc#993099).\n- r8152: disable power cut for RTL8153 (bsc#993099).\n- r8152: disable teredo for RTL8152 (bsc#993099).\n- r8152: disable the capability of zero length (bsc#993099).\n- r8152: disable the ECM mode (bsc#993099).\n- r8152: disable the tasklet by default (bsc#993099).\n- r8152: do not enable napi before rx ready (bsc#993099).\n- r8152: ecm and vendor modes coexist (bsc#993099).\n- r8152: fix incorrect type in assignment (bsc#993099).\n- r8152: fix lockup when runtime PM is enabled (bsc#993099).\n- r8152: fix runtime function for RTL8152 (bsc#993099).\n- r8152: fix r8152_csum_workaround function (bsc#993099).\n- r8152: fix setting RTL8152_UNPLUG (bsc#993099).\n- r8152: fix the carrier off when autoresuming (bsc#993099).\n- r8152: fix the checking of the usb speed (bsc#993099).\n- r8152: fix the issue about U1/U2 (bsc#993099).\n- r8152: fix the runtime suspend issues (bsc#993099).\n- r8152: fix the submission of the interrupt transfer (bsc#993099).\n- r8152: fix the wake event (bsc#993099).\n- r8152: fix the warnings and a error from checkpatch.pl (bsc#993099).\n- r8152: fix the wrong return value (bsc#993099).\n- r8152: fix tx/rx memory overflow (bsc#993099).\n- r8152: fix wakeup settings (bsc#993099).\n- r8152: change rx early size when the mtu is changed (bsc#993099).\n- r8152: change some definitions (bsc#993099).\n- r8152: change the descriptor (bsc#993099).\n- r8152: change the EEE definition (bsc#993099).\n- r8152: change the location of rtl8152_set_mac_address (bsc#993099).\n- r8152: check code with checkpatch.pl (bsc#993099).\n- r8152: check linking status with netif_carrier_ok (bsc#993099).\n- r8152: check RTL8152_UNPLUG and netif_running before autoresume (bsc#993099).\n- r8152: check RTL8152_UNPLUG (bsc#993099).\n- r8152: check RTL8152_UNPLUG for rtl8152_close (bsc#993099).\n- r8152: check the status before submitting rx (bsc#993099).\n- r8152: check tx agg list before spin lock (bsc#993099).\n- r8152: check WORK_ENABLE in suspend function (bsc#993099).\n- r8152: increase the tx timeout (bsc#993099).\n- r8152: load the default MAC address (bsc#993099).\n- r8152: modify rtl_ops_init (bsc#993099).\n- r8152: modify the check of the flag of PHY_RESET in set_speed function (bsc#993099).\n- r8152: modify the method of accessing PHY (bsc#993099).\n- r8152: modify the tx flow (bsc#993099).\n- r8152: move enabling PHY (bsc#993099).\n- r8152: move PHY settings to hw_phy_cfg (bsc#993099).\n- r8152: move rtl8152_unload and ocp_reg_write (bsc#993099).\n- r8152: move r8152b_get_version (bsc#993099).\n- r8152: move some functions (bsc#993099).\n- r8152: move some functions (bsc#993099).\n- r8152: move some functions from probe to open (bsc#993099).\n- r8152: move the actions of saving the information of the device (bsc#993099).\n- r8152: move the setting for the default speed (bsc#993099).\n- r8152: move the settings of PHY to a work queue (bsc#993099).\n- r8152: nway reset after setting eee (bsc#993099).\n- r8152: redefine REALTEK_USB_DEVICE (bsc#993099).\n- r8152: reduce the frequency of spin_lock (bsc#993099).\n- r8152: reduce the number of Tx (bsc#993099).\n- r8152: remove a netif_carrier_off in rtl8152_open function (bsc#993099).\n- r8152: remove cancel_delayed_work_sync in rtl8152_set_speed (bsc#993099).\n- r8152: remove clearing bp (bsc#993099).\n- r8152: remove generic_ocp_read before writing (bsc#993099).\n- r8152: remove rtl_phy_reset function (bsc#993099).\n- r8152: remove rtl8152_get_stats (bsc#993099).\n- r8152: remove r8153_enable_eee (bsc#993099).\n- r8152: remove sram_read (bsc#993099).\n- r8152: remove the definitions of the PID (bsc#993099).\n- r8152: remove the duplicate init for the list of rx_done (bsc#993099).\n- r8152: remove the setting of LAN_WAKE_EN (bsc#993099).\n- r8152: rename rx_buf_sz (bsc#993099).\n- r8152: rename tx_underun (bsc#993099).\n- r8152: replace get_protocol with vlan_get_protocol (bsc#993099).\n- r8152: replace netdev_alloc_skb_ip_align with napi_alloc_skb (bsc#993099).\n- r8152: replace netif_rx with netif_receive_skb (bsc#993099).\n- r8152: replace some tabs with spaces (bsc#993099).\n- r8152: replace some types from int to bool (bsc#993099).\n- r8152: replace spin_lock_irqsave and spin_unlock_irqrestore (bsc#993099).\n- r8152: replace strncpy with strlcpy (bsc#993099).\n- r8152: replace tasklet with NAPI (bsc#993099).\n- r8152: replace the return value of rtl_ops_init (bsc#993099).\n- r8152: replace tp-&gt;netdev with netdev (bsc#993099).\n- r8152: reset device when tx timeout (bsc#993099).\n- r8152: reset the bmu (bsc#993099).\n- r8152: reset tp-&gt;speed before autoresuming in open function (bsc#993099).\n- r8152: restore hw settings (bsc#993099).\n- r8152: return -EBUSY for runtime suspend (bsc#993099).\n- r8152: save the speed (bsc#993099).\n- r8152: separate USB_RX_EARLY_AGG (bsc#993099).\n- r8152: set disable_hub_initiated_lpm (bsc#993099).\n- r8152: set RTL8152_UNPLUG when finding -ENODEV (bsc#993099).\n- r8152: split DRIVER_VERSION (bsc#993099).\n- r8152: split rtl8152_enable (bsc#993099).\n- r8152: stop submitting intr for -EPROTO (bsc#993099).\n- r8152: support dumping the hw counters (bsc#993099).\n- r8152: support ethtool eee (bsc#993099).\n- r8152: support get_msglevel and set_msglevel (bsc#993099).\n- r8152: support IPv6 (bsc#993099).\n- r8152: support jumbo frame for RTL8153 (bsc#993099).\n- r8152: support nway_reset of ethtool (bsc#993099).\n- r8152: support RTL8153 (bsc#993099).\n- r8152: support runtime suspend (bsc#993099).\n- r8152: support rx checksum (bsc#993099).\n- r8152: support setting rx coalesce (bsc#993099).\n- r8152: support stopping/waking tx queue (bsc#993099).\n- r8152: support the new RTL8153 chip (bsc#993099).\n- r8152: support TSO (bsc#993099).\n- r8152: support VLAN (bsc#993099).\n- r8152: support WOL (bsc#993099).\n- r8152: up the priority of the transmission (bsc#993099).\n- r8152: use BIT macro (bsc#993099).\n- r8152: use eth_hw_addr_random (bsc#993099).\n- r8152: Use kmemdup instead of kmalloc + memcpy (bsc#993099).\n- r8152: use test_and_clear_bit (bsc#993099).\n- r8152: use usleep_range (bsc#993099).\n- r8152: wake up the device before dumping the hw counter (bsc#993099).\n- scsi: qla2xxx: Get mutex lock before checking optrom_state (bsc#1053317).\n- sched/fair: Fix min_vruntime tracking (bnc#1012985).\n- sched/loadavg: Fix loadavg artifacts on fully idle and on fully loaded systems (bnc#1012985).\n- sched/rt: Fix PI handling vs. sched_setscheduler() (bnc#1012985).\n- sunrpc: Update RPCBIND_MAXNETIDLEN (git-fixes).\n- syscall: fix dereferencing NULL payload with nonzero length (bsc#1045327, bsc#1062471).\n- tcp: do not inherit fastopen_req from parent (bsc#1038544).\n- timekeeping: Ignore the bogus sleep time if pm_trace is enabled (bsc#994364).\n- tracing/kprobes: Enforce kprobes teardown after testing (bnc#1012985).\n- usb: wusbcore: fix NULL-deref at probe (bsc#1045487).\n- xen: Linux 3.12.74.\n- xen/PCI-MSI: fix sysfs teardown in DomU (bsc#986924).\n- xfs: fix a couple error sequence jumps in xfs_mountfs() (bsc#1035531).\n- xfs: fix coccinelle warnings (bsc#1035531).\n- xfs: handle error if xfs_btree_get_bufs fails (bsc#1059863).\n- xfs: use -&gt;b_state to fix buffer I/O accounting release race (bsc#1041160) (bsc#1041160).\n- xfs: XFS_IS_REALTIME_INODE() should be false if no rt device present (bsc#1058524).\n",
            title: "Description of the patch",
         },
         {
            category: "details",
            text: "SUSE-OpenStack-Cloud-6-2017-1799,SUSE-SLE-Module-Public-Cloud-12-2017-1799,SUSE-SLE-SAP-12-SP1-2017-1799,SUSE-SLE-SERVER-12-SP1-2017-1799",
            title: "Patchnames",
         },
         {
            category: "legal_disclaimer",
            text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
            title: "Terms of use",
         },
      ],
      publisher: {
         category: "vendor",
         contact_details: "https://www.suse.com/support/security/contact/",
         name: "SUSE Product Security Team",
         namespace: "https://www.suse.com/",
      },
      references: [
         {
            category: "external",
            summary: "SUSE ratings",
            url: "https://www.suse.com/support/security/rating/",
         },
         {
            category: "self",
            summary: "URL of this CSAF notice",
            url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2908-1.json",
         },
         {
            category: "self",
            summary: "URL for SUSE-SU-2017:2908-1",
            url: "https://www.suse.com/support/update/announcement/2017/suse-su-20172908-1/",
         },
         {
            category: "self",
            summary: "E-Mail link for SUSE-SU-2017:2908-1",
            url: "https://lists.suse.com/pipermail/sle-security-updates/2017-October/003366.html",
         },
         {
            category: "self",
            summary: "SUSE Bug 1001459",
            url: "https://bugzilla.suse.com/1001459",
         },
         {
            category: "self",
            summary: "SUSE Bug 1012985",
            url: "https://bugzilla.suse.com/1012985",
         },
         {
            category: "self",
            summary: "SUSE Bug 1023287",
            url: "https://bugzilla.suse.com/1023287",
         },
         {
            category: "self",
            summary: "SUSE Bug 1027149",
            url: "https://bugzilla.suse.com/1027149",
         },
         {
            category: "self",
            summary: "SUSE Bug 1028217",
            url: "https://bugzilla.suse.com/1028217",
         },
         {
            category: "self",
            summary: "SUSE Bug 1030531",
            url: "https://bugzilla.suse.com/1030531",
         },
         {
            category: "self",
            summary: "SUSE Bug 1030552",
            url: "https://bugzilla.suse.com/1030552",
         },
         {
            category: "self",
            summary: "SUSE Bug 1031515",
            url: "https://bugzilla.suse.com/1031515",
         },
         {
            category: "self",
            summary: "SUSE Bug 1033960",
            url: "https://bugzilla.suse.com/1033960",
         },
         {
            category: "self",
            summary: "SUSE Bug 1034405",
            url: "https://bugzilla.suse.com/1034405",
         },
         {
            category: "self",
            summary: "SUSE Bug 1035531",
            url: "https://bugzilla.suse.com/1035531",
         },
         {
            category: "self",
            summary: "SUSE Bug 1035738",
            url: "https://bugzilla.suse.com/1035738",
         },
         {
            category: "self",
            summary: "SUSE Bug 1037182",
            url: "https://bugzilla.suse.com/1037182",
         },
         {
            category: "self",
            summary: "SUSE Bug 1037183",
            url: "https://bugzilla.suse.com/1037183",
         },
         {
            category: "self",
            summary: "SUSE Bug 1037994",
            url: "https://bugzilla.suse.com/1037994",
         },
         {
            category: "self",
            summary: "SUSE Bug 1038544",
            url: "https://bugzilla.suse.com/1038544",
         },
         {
            category: "self",
            summary: "SUSE Bug 1038564",
            url: "https://bugzilla.suse.com/1038564",
         },
         {
            category: "self",
            summary: "SUSE Bug 1038879",
            url: "https://bugzilla.suse.com/1038879",
         },
         {
            category: "self",
            summary: "SUSE Bug 1038883",
            url: "https://bugzilla.suse.com/1038883",
         },
         {
            category: "self",
            summary: "SUSE Bug 1038981",
            url: "https://bugzilla.suse.com/1038981",
         },
         {
            category: "self",
            summary: "SUSE Bug 1038982",
            url: "https://bugzilla.suse.com/1038982",
         },
         {
            category: "self",
            summary: "SUSE Bug 1039348",
            url: "https://bugzilla.suse.com/1039348",
         },
         {
            category: "self",
            summary: "SUSE Bug 1039354",
            url: "https://bugzilla.suse.com/1039354",
         },
         {
            category: "self",
            summary: "SUSE Bug 1039456",
            url: "https://bugzilla.suse.com/1039456",
         },
         {
            category: "self",
            summary: "SUSE Bug 1039721",
            url: "https://bugzilla.suse.com/1039721",
         },
         {
            category: "self",
            summary: "SUSE Bug 1039864",
            url: "https://bugzilla.suse.com/1039864",
         },
         {
            category: "self",
            summary: "SUSE Bug 1039882",
            url: "https://bugzilla.suse.com/1039882",
         },
         {
            category: "self",
            summary: "SUSE Bug 1039883",
            url: "https://bugzilla.suse.com/1039883",
         },
         {
            category: "self",
            summary: "SUSE Bug 1039885",
            url: "https://bugzilla.suse.com/1039885",
         },
         {
            category: "self",
            summary: "SUSE Bug 1040069",
            url: "https://bugzilla.suse.com/1040069",
         },
         {
            category: "self",
            summary: "SUSE Bug 1041160",
            url: "https://bugzilla.suse.com/1041160",
         },
         {
            category: "self",
            summary: "SUSE Bug 1041429",
            url: "https://bugzilla.suse.com/1041429",
         },
         {
            category: "self",
            summary: "SUSE Bug 1041431",
            url: "https://bugzilla.suse.com/1041431",
         },
         {
            category: "self",
            summary: "SUSE Bug 1042696",
            url: "https://bugzilla.suse.com/1042696",
         },
         {
            category: "self",
            summary: "SUSE Bug 1042832",
            url: "https://bugzilla.suse.com/1042832",
         },
         {
            category: "self",
            summary: "SUSE Bug 1042863",
            url: "https://bugzilla.suse.com/1042863",
         },
         {
            category: "self",
            summary: "SUSE Bug 1044125",
            url: "https://bugzilla.suse.com/1044125",
         },
         {
            category: "self",
            summary: "SUSE Bug 1045327",
            url: "https://bugzilla.suse.com/1045327",
         },
         {
            category: "self",
            summary: "SUSE Bug 1045487",
            url: "https://bugzilla.suse.com/1045487",
         },
         {
            category: "self",
            summary: "SUSE Bug 1045922",
            url: "https://bugzilla.suse.com/1045922",
         },
         {
            category: "self",
            summary: "SUSE Bug 1046107",
            url: "https://bugzilla.suse.com/1046107",
         },
         {
            category: "self",
            summary: "SUSE Bug 1048275",
            url: "https://bugzilla.suse.com/1048275",
         },
         {
            category: "self",
            summary: "SUSE Bug 1048788",
            url: "https://bugzilla.suse.com/1048788",
         },
         {
            category: "self",
            summary: "SUSE Bug 1049645",
            url: "https://bugzilla.suse.com/1049645",
         },
         {
            category: "self",
            summary: "SUSE Bug 1049882",
            url: "https://bugzilla.suse.com/1049882",
         },
         {
            category: "self",
            summary: "SUSE Bug 1053148",
            url: "https://bugzilla.suse.com/1053148",
         },
         {
            category: "self",
            summary: "SUSE Bug 1053152",
            url: "https://bugzilla.suse.com/1053152",
         },
         {
            category: "self",
            summary: "SUSE Bug 1053317",
            url: "https://bugzilla.suse.com/1053317",
         },
         {
            category: "self",
            summary: "SUSE Bug 1056588",
            url: "https://bugzilla.suse.com/1056588",
         },
         {
            category: "self",
            summary: "SUSE Bug 1056982",
            url: "https://bugzilla.suse.com/1056982",
         },
         {
            category: "self",
            summary: "SUSE Bug 1057179",
            url: "https://bugzilla.suse.com/1057179",
         },
         {
            category: "self",
            summary: "SUSE Bug 1058410",
            url: "https://bugzilla.suse.com/1058410",
         },
         {
            category: "self",
            summary: "SUSE Bug 1058507",
            url: "https://bugzilla.suse.com/1058507",
         },
         {
            category: "self",
            summary: "SUSE Bug 1058524",
            url: "https://bugzilla.suse.com/1058524",
         },
         {
            category: "self",
            summary: "SUSE Bug 1059863",
            url: "https://bugzilla.suse.com/1059863",
         },
         {
            category: "self",
            summary: "SUSE Bug 1062471",
            url: "https://bugzilla.suse.com/1062471",
         },
         {
            category: "self",
            summary: "SUSE Bug 1062520",
            url: "https://bugzilla.suse.com/1062520",
         },
         {
            category: "self",
            summary: "SUSE Bug 1063667",
            url: "https://bugzilla.suse.com/1063667",
         },
         {
            category: "self",
            summary: "SUSE Bug 1064388",
            url: "https://bugzilla.suse.com/1064388",
         },
         {
            category: "self",
            summary: "SUSE Bug 856774",
            url: "https://bugzilla.suse.com/856774",
         },
         {
            category: "self",
            summary: "SUSE Bug 860250",
            url: "https://bugzilla.suse.com/860250",
         },
         {
            category: "self",
            summary: "SUSE Bug 863764",
            url: "https://bugzilla.suse.com/863764",
         },
         {
            category: "self",
            summary: "SUSE Bug 878240",
            url: "https://bugzilla.suse.com/878240",
         },
         {
            category: "self",
            summary: "SUSE Bug 922855",
            url: "https://bugzilla.suse.com/922855",
         },
         {
            category: "self",
            summary: "SUSE Bug 922871",
            url: "https://bugzilla.suse.com/922871",
         },
         {
            category: "self",
            summary: "SUSE Bug 986924",
            url: "https://bugzilla.suse.com/986924",
         },
         {
            category: "self",
            summary: "SUSE Bug 993099",
            url: "https://bugzilla.suse.com/993099",
         },
         {
            category: "self",
            summary: "SUSE Bug 994364",
            url: "https://bugzilla.suse.com/994364",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-1000363 page",
            url: "https://www.suse.com/security/cve/CVE-2017-1000363/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-1000365 page",
            url: "https://www.suse.com/security/cve/CVE-2017-1000365/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-1000380 page",
            url: "https://www.suse.com/security/cve/CVE-2017-1000380/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-10661 page",
            url: "https://www.suse.com/security/cve/CVE-2017-10661/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-11176 page",
            url: "https://www.suse.com/security/cve/CVE-2017-11176/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-12153 page",
            url: "https://www.suse.com/security/cve/CVE-2017-12153/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-12154 page",
            url: "https://www.suse.com/security/cve/CVE-2017-12154/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-12762 page",
            url: "https://www.suse.com/security/cve/CVE-2017-12762/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-13080 page",
            url: "https://www.suse.com/security/cve/CVE-2017-13080/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-14051 page",
            url: "https://www.suse.com/security/cve/CVE-2017-14051/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-14106 page",
            url: "https://www.suse.com/security/cve/CVE-2017-14106/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-14140 page",
            url: "https://www.suse.com/security/cve/CVE-2017-14140/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-15265 page",
            url: "https://www.suse.com/security/cve/CVE-2017-15265/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-15274 page",
            url: "https://www.suse.com/security/cve/CVE-2017-15274/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-15649 page",
            url: "https://www.suse.com/security/cve/CVE-2017-15649/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-7482 page",
            url: "https://www.suse.com/security/cve/CVE-2017-7482/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-7487 page",
            url: "https://www.suse.com/security/cve/CVE-2017-7487/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-7518 page",
            url: "https://www.suse.com/security/cve/CVE-2017-7518/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-7541 page",
            url: "https://www.suse.com/security/cve/CVE-2017-7541/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-7542 page",
            url: "https://www.suse.com/security/cve/CVE-2017-7542/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-7889 page",
            url: "https://www.suse.com/security/cve/CVE-2017-7889/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-8831 page",
            url: "https://www.suse.com/security/cve/CVE-2017-8831/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-8890 page",
            url: "https://www.suse.com/security/cve/CVE-2017-8890/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-8924 page",
            url: "https://www.suse.com/security/cve/CVE-2017-8924/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-8925 page",
            url: "https://www.suse.com/security/cve/CVE-2017-8925/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-9074 page",
            url: "https://www.suse.com/security/cve/CVE-2017-9074/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-9075 page",
            url: "https://www.suse.com/security/cve/CVE-2017-9075/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-9076 page",
            url: "https://www.suse.com/security/cve/CVE-2017-9076/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-9077 page",
            url: "https://www.suse.com/security/cve/CVE-2017-9077/",
         },
         {
            category: "self",
            summary: "SUSE CVE CVE-2017-9242 page",
            url: "https://www.suse.com/security/cve/CVE-2017-9242/",
         },
      ],
      title: "Security update for the Linux Kernel",
      tracking: {
         current_release_date: "2017-10-30T15:09:11Z",
         generator: {
            date: "2017-10-30T15:09:11Z",
            engine: {
               name: "cve-database.git:bin/generate-csaf.pl",
               version: "1",
            },
         },
         id: "SUSE-SU-2017:2908-1",
         initial_release_date: "2017-10-30T15:09:11Z",
         revision_history: [
            {
               date: "2017-10-30T15:09:11Z",
               number: "1",
               summary: "Current version",
            },
         ],
         status: "final",
         version: "1",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "kernel-devel-3.12.74-60.64.63.1.noarch",
                        product: {
                           name: "kernel-devel-3.12.74-60.64.63.1.noarch",
                           product_id: "kernel-devel-3.12.74-60.64.63.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-macros-3.12.74-60.64.63.1.noarch",
                        product: {
                           name: "kernel-macros-3.12.74-60.64.63.1.noarch",
                           product_id: "kernel-macros-3.12.74-60.64.63.1.noarch",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-source-3.12.74-60.64.63.1.noarch",
                        product: {
                           name: "kernel-source-3.12.74-60.64.63.1.noarch",
                           product_id: "kernel-source-3.12.74-60.64.63.1.noarch",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "noarch",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "kernel-default-3.12.74-60.64.63.1.ppc64le",
                        product: {
                           name: "kernel-default-3.12.74-60.64.63.1.ppc64le",
                           product_id: "kernel-default-3.12.74-60.64.63.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                        product: {
                           name: "kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                           product_id: "kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                        product: {
                           name: "kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                           product_id: "kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-syms-3.12.74-60.64.63.1.ppc64le",
                        product: {
                           name: "kernel-syms-3.12.74-60.64.63.1.ppc64le",
                           product_id: "kernel-syms-3.12.74-60.64.63.1.ppc64le",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "ppc64le",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "kernel-default-3.12.74-60.64.63.1.s390x",
                        product: {
                           name: "kernel-default-3.12.74-60.64.63.1.s390x",
                           product_id: "kernel-default-3.12.74-60.64.63.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-default-base-3.12.74-60.64.63.1.s390x",
                        product: {
                           name: "kernel-default-base-3.12.74-60.64.63.1.s390x",
                           product_id: "kernel-default-base-3.12.74-60.64.63.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-default-devel-3.12.74-60.64.63.1.s390x",
                        product: {
                           name: "kernel-default-devel-3.12.74-60.64.63.1.s390x",
                           product_id: "kernel-default-devel-3.12.74-60.64.63.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-default-man-3.12.74-60.64.63.1.s390x",
                        product: {
                           name: "kernel-default-man-3.12.74-60.64.63.1.s390x",
                           product_id: "kernel-default-man-3.12.74-60.64.63.1.s390x",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-syms-3.12.74-60.64.63.1.s390x",
                        product: {
                           name: "kernel-syms-3.12.74-60.64.63.1.s390x",
                           product_id: "kernel-syms-3.12.74-60.64.63.1.s390x",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "s390x",
               },
               {
                  branches: [
                     {
                        category: "product_version",
                        name: "kernel-default-3.12.74-60.64.63.1.x86_64",
                        product: {
                           name: "kernel-default-3.12.74-60.64.63.1.x86_64",
                           product_id: "kernel-default-3.12.74-60.64.63.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-default-base-3.12.74-60.64.63.1.x86_64",
                        product: {
                           name: "kernel-default-base-3.12.74-60.64.63.1.x86_64",
                           product_id: "kernel-default-base-3.12.74-60.64.63.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                        product: {
                           name: "kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                           product_id: "kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-syms-3.12.74-60.64.63.1.x86_64",
                        product: {
                           name: "kernel-syms-3.12.74-60.64.63.1.x86_64",
                           product_id: "kernel-syms-3.12.74-60.64.63.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-xen-3.12.74-60.64.63.1.x86_64",
                        product: {
                           name: "kernel-xen-3.12.74-60.64.63.1.x86_64",
                           product_id: "kernel-xen-3.12.74-60.64.63.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                        product: {
                           name: "kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                           product_id: "kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                        product: {
                           name: "kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                           product_id: "kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                        product: {
                           name: "kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                           product_id: "kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                        product: {
                           name: "kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                           product_id: "kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-ec2-3.12.74-60.64.63.1.x86_64",
                        product: {
                           name: "kernel-ec2-3.12.74-60.64.63.1.x86_64",
                           product_id: "kernel-ec2-3.12.74-60.64.63.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                        product: {
                           name: "kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                           product_id: "kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                        },
                     },
                     {
                        category: "product_version",
                        name: "kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                        product: {
                           name: "kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                           product_id: "kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                        },
                     },
                  ],
                  category: "architecture",
                  name: "x86_64",
               },
               {
                  branches: [
                     {
                        category: "product_name",
                        name: "SUSE OpenStack Cloud 6",
                        product: {
                           name: "SUSE OpenStack Cloud 6",
                           product_id: "SUSE OpenStack Cloud 6",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:suse-openstack-cloud:6",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Module for Public Cloud 12",
                        product: {
                           name: "SUSE Linux Enterprise Module for Public Cloud 12",
                           product_id: "SUSE Linux Enterprise Module for Public Cloud 12",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sle-module-public-cloud:12",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
                        product: {
                           name: "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
                           product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sles_sap:12:sp1",
                           },
                        },
                     },
                     {
                        category: "product_name",
                        name: "SUSE Linux Enterprise Server 12 SP1-LTSS",
                        product: {
                           name: "SUSE Linux Enterprise Server 12 SP1-LTSS",
                           product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS",
                           product_identification_helper: {
                              cpe: "cpe:/o:suse:sles-ltss:12:sp1",
                           },
                        },
                     },
                  ],
                  category: "product_family",
                  name: "SUSE Linux Enterprise",
               },
            ],
            category: "vendor",
            name: "SUSE",
         },
      ],
      relationships: [
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-default-3.12.74-60.64.63.1.x86_64 as component of SUSE OpenStack Cloud 6",
               product_id: "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
            },
            product_reference: "kernel-default-3.12.74-60.64.63.1.x86_64",
            relates_to_product_reference: "SUSE OpenStack Cloud 6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-default-base-3.12.74-60.64.63.1.x86_64 as component of SUSE OpenStack Cloud 6",
               product_id: "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
            },
            product_reference: "kernel-default-base-3.12.74-60.64.63.1.x86_64",
            relates_to_product_reference: "SUSE OpenStack Cloud 6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-default-devel-3.12.74-60.64.63.1.x86_64 as component of SUSE OpenStack Cloud 6",
               product_id: "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
            },
            product_reference: "kernel-default-devel-3.12.74-60.64.63.1.x86_64",
            relates_to_product_reference: "SUSE OpenStack Cloud 6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-devel-3.12.74-60.64.63.1.noarch as component of SUSE OpenStack Cloud 6",
               product_id: "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
            },
            product_reference: "kernel-devel-3.12.74-60.64.63.1.noarch",
            relates_to_product_reference: "SUSE OpenStack Cloud 6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-macros-3.12.74-60.64.63.1.noarch as component of SUSE OpenStack Cloud 6",
               product_id: "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
            },
            product_reference: "kernel-macros-3.12.74-60.64.63.1.noarch",
            relates_to_product_reference: "SUSE OpenStack Cloud 6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-source-3.12.74-60.64.63.1.noarch as component of SUSE OpenStack Cloud 6",
               product_id: "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
            },
            product_reference: "kernel-source-3.12.74-60.64.63.1.noarch",
            relates_to_product_reference: "SUSE OpenStack Cloud 6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-syms-3.12.74-60.64.63.1.x86_64 as component of SUSE OpenStack Cloud 6",
               product_id: "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
            },
            product_reference: "kernel-syms-3.12.74-60.64.63.1.x86_64",
            relates_to_product_reference: "SUSE OpenStack Cloud 6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-xen-3.12.74-60.64.63.1.x86_64 as component of SUSE OpenStack Cloud 6",
               product_id: "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
            },
            product_reference: "kernel-xen-3.12.74-60.64.63.1.x86_64",
            relates_to_product_reference: "SUSE OpenStack Cloud 6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-xen-base-3.12.74-60.64.63.1.x86_64 as component of SUSE OpenStack Cloud 6",
               product_id: "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
            },
            product_reference: "kernel-xen-base-3.12.74-60.64.63.1.x86_64",
            relates_to_product_reference: "SUSE OpenStack Cloud 6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-xen-devel-3.12.74-60.64.63.1.x86_64 as component of SUSE OpenStack Cloud 6",
               product_id: "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
            },
            product_reference: "kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
            relates_to_product_reference: "SUSE OpenStack Cloud 6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64 as component of SUSE OpenStack Cloud 6",
               product_id: "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
            },
            product_reference: "kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
            relates_to_product_reference: "SUSE OpenStack Cloud 6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64 as component of SUSE OpenStack Cloud 6",
               product_id: "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            },
            product_reference: "kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            relates_to_product_reference: "SUSE OpenStack Cloud 6",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-ec2-3.12.74-60.64.63.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
               product_id: "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
            },
            product_reference: "kernel-ec2-3.12.74-60.64.63.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-ec2-devel-3.12.74-60.64.63.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
               product_id: "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
            },
            product_reference: "kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-ec2-extra-3.12.74-60.64.63.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
               product_id: "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
            },
            product_reference: "kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Module for Public Cloud 12",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-default-3.12.74-60.64.63.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
            },
            product_reference: "kernel-default-3.12.74-60.64.63.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-default-3.12.74-60.64.63.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
            },
            product_reference: "kernel-default-3.12.74-60.64.63.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-default-base-3.12.74-60.64.63.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
            },
            product_reference: "kernel-default-base-3.12.74-60.64.63.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-default-base-3.12.74-60.64.63.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
            },
            product_reference: "kernel-default-base-3.12.74-60.64.63.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-default-devel-3.12.74-60.64.63.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
            },
            product_reference: "kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-default-devel-3.12.74-60.64.63.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
            },
            product_reference: "kernel-default-devel-3.12.74-60.64.63.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-devel-3.12.74-60.64.63.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
            },
            product_reference: "kernel-devel-3.12.74-60.64.63.1.noarch",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-macros-3.12.74-60.64.63.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
            },
            product_reference: "kernel-macros-3.12.74-60.64.63.1.noarch",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-source-3.12.74-60.64.63.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
            },
            product_reference: "kernel-source-3.12.74-60.64.63.1.noarch",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-syms-3.12.74-60.64.63.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
            },
            product_reference: "kernel-syms-3.12.74-60.64.63.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-syms-3.12.74-60.64.63.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
            },
            product_reference: "kernel-syms-3.12.74-60.64.63.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-xen-3.12.74-60.64.63.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
            },
            product_reference: "kernel-xen-3.12.74-60.64.63.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-xen-base-3.12.74-60.64.63.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
            },
            product_reference: "kernel-xen-base-3.12.74-60.64.63.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-xen-devel-3.12.74-60.64.63.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
            },
            product_reference: "kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
            },
            product_reference: "kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
               product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            },
            product_reference: "kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-default-3.12.74-60.64.63.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
            },
            product_reference: "kernel-default-3.12.74-60.64.63.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-default-3.12.74-60.64.63.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
            },
            product_reference: "kernel-default-3.12.74-60.64.63.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-default-3.12.74-60.64.63.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
            },
            product_reference: "kernel-default-3.12.74-60.64.63.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-default-base-3.12.74-60.64.63.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
            },
            product_reference: "kernel-default-base-3.12.74-60.64.63.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-default-base-3.12.74-60.64.63.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
            },
            product_reference: "kernel-default-base-3.12.74-60.64.63.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-default-base-3.12.74-60.64.63.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
            },
            product_reference: "kernel-default-base-3.12.74-60.64.63.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-default-devel-3.12.74-60.64.63.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
            },
            product_reference: "kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-default-devel-3.12.74-60.64.63.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
            },
            product_reference: "kernel-default-devel-3.12.74-60.64.63.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-default-devel-3.12.74-60.64.63.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
            },
            product_reference: "kernel-default-devel-3.12.74-60.64.63.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-default-man-3.12.74-60.64.63.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
            },
            product_reference: "kernel-default-man-3.12.74-60.64.63.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-devel-3.12.74-60.64.63.1.noarch as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
            },
            product_reference: "kernel-devel-3.12.74-60.64.63.1.noarch",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-macros-3.12.74-60.64.63.1.noarch as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
            },
            product_reference: "kernel-macros-3.12.74-60.64.63.1.noarch",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-source-3.12.74-60.64.63.1.noarch as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
            },
            product_reference: "kernel-source-3.12.74-60.64.63.1.noarch",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-syms-3.12.74-60.64.63.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
            },
            product_reference: "kernel-syms-3.12.74-60.64.63.1.ppc64le",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-syms-3.12.74-60.64.63.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
            },
            product_reference: "kernel-syms-3.12.74-60.64.63.1.s390x",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-syms-3.12.74-60.64.63.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
            },
            product_reference: "kernel-syms-3.12.74-60.64.63.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-xen-3.12.74-60.64.63.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
            },
            product_reference: "kernel-xen-3.12.74-60.64.63.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-xen-base-3.12.74-60.64.63.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
            },
            product_reference: "kernel-xen-base-3.12.74-60.64.63.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kernel-xen-devel-3.12.74-60.64.63.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
            },
            product_reference: "kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
            },
            product_reference: "kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS",
         },
         {
            category: "default_component_of",
            full_product_name: {
               name: "kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
               product_id: "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            },
            product_reference: "kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP1-LTSS",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2017-1000363",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-1000363",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, where due to a vulnerability the adversary has partial control over the command line) can overflow the parport_nr array in the following code, by appending many (>LP_NO) 'lp=none' arguments to the command line.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-1000363",
               url: "https://www.suse.com/security/cve/CVE-2017-1000363",
            },
            {
               category: "external",
               summary: "SUSE Bug 1039456 for CVE-2017-1000363",
               url: "https://bugzilla.suse.com/1039456",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-1000363",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.8,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-1000363",
      },
      {
         cve: "CVE-2017-1000365",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-1000365",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel versions 4.11.5 and earlier. It appears that this feature was introduced in the Linux Kernel version 2.6.23.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-1000365",
               url: "https://www.suse.com/security/cve/CVE-2017-1000365",
            },
            {
               category: "external",
               summary: "SUSE Bug 1037551 for CVE-2017-1000365",
               url: "https://bugzilla.suse.com/1037551",
            },
            {
               category: "external",
               summary: "SUSE Bug 1039346 for CVE-2017-1000365",
               url: "https://bugzilla.suse.com/1039346",
            },
            {
               category: "external",
               summary: "SUSE Bug 1039349 for CVE-2017-1000365",
               url: "https://bugzilla.suse.com/1039349",
            },
            {
               category: "external",
               summary: "SUSE Bug 1039354 for CVE-2017-1000365",
               url: "https://bugzilla.suse.com/1039354",
            },
            {
               category: "external",
               summary: "SUSE Bug 1054557 for CVE-2017-1000365",
               url: "https://bugzilla.suse.com/1054557",
            },
            {
               category: "external",
               summary: "SUSE Bug 1077345 for CVE-2017-1000365",
               url: "https://bugzilla.suse.com/1077345",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 2.9,
                  baseSeverity: "LOW",
                  vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "low",
            },
         ],
         title: "CVE-2017-1000365",
      },
      {
         cve: "CVE-2017-1000380",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-1000380",
            },
         ],
         notes: [
            {
               category: "general",
               text: "sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-1000380",
               url: "https://www.suse.com/security/cve/CVE-2017-1000380",
            },
            {
               category: "external",
               summary: "SUSE Bug 1044125 for CVE-2017-1000380",
               url: "https://bugzilla.suse.com/1044125",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "low",
            },
         ],
         title: "CVE-2017-1000380",
      },
      {
         cve: "CVE-2017-10661",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-10661",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-10661",
               url: "https://www.suse.com/security/cve/CVE-2017-10661",
            },
            {
               category: "external",
               summary: "SUSE Bug 1053152 for CVE-2017-10661",
               url: "https://bugzilla.suse.com/1053152",
            },
            {
               category: "external",
               summary: "SUSE Bug 1053153 for CVE-2017-10661",
               url: "https://bugzilla.suse.com/1053153",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-10661",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.4,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "important",
            },
         ],
         title: "CVE-2017-10661",
      },
      {
         cve: "CVE-2017-11176",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-11176",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-11176",
               url: "https://www.suse.com/security/cve/CVE-2017-11176",
            },
            {
               category: "external",
               summary: "SUSE Bug 1048275 for CVE-2017-11176",
               url: "https://bugzilla.suse.com/1048275",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-11176",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.3,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "important",
            },
         ],
         title: "CVE-2017-11176",
      },
      {
         cve: "CVE-2017-12153",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-12153",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-12153",
               url: "https://www.suse.com/security/cve/CVE-2017-12153",
            },
            {
               category: "external",
               summary: "SUSE Bug 1058410 for CVE-2017-12153",
               url: "https://bugzilla.suse.com/1058410",
            },
            {
               category: "external",
               summary: "SUSE Bug 1058624 for CVE-2017-12153",
               url: "https://bugzilla.suse.com/1058624",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-12153",
      },
      {
         cve: "CVE-2017-12154",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-12154",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the \"CR8-load exiting\" and \"CR8-store exiting\" L0 vmcs02 controls exist in cases where L1 omits the \"use TPR shadow\" vmcs12 control, which allows KVM L2 guest OS users to obtain read and write access to the hardware CR8 register.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-12154",
               url: "https://www.suse.com/security/cve/CVE-2017-12154",
            },
            {
               category: "external",
               summary: "SUSE Bug 1058038 for CVE-2017-12154",
               url: "https://bugzilla.suse.com/1058038",
            },
            {
               category: "external",
               summary: "SUSE Bug 1058507 for CVE-2017-12154",
               url: "https://bugzilla.suse.com/1058507",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.6,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-12154",
      },
      {
         cve: "CVE-2017-12762",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-12762",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-12762",
               url: "https://www.suse.com/security/cve/CVE-2017-12762",
            },
            {
               category: "external",
               summary: "SUSE Bug 1053148 for CVE-2017-12762",
               url: "https://bugzilla.suse.com/1053148",
            },
            {
               category: "external",
               summary: "SUSE Bug 1053150 for CVE-2017-12762",
               url: "https://bugzilla.suse.com/1053150",
            },
            {
               category: "external",
               summary: "SUSE Bug 1072117 for CVE-2017-12762",
               url: "https://bugzilla.suse.com/1072117",
            },
            {
               category: "external",
               summary: "SUSE Bug 1072162 for CVE-2017-12762",
               url: "https://bugzilla.suse.com/1072162",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-12762",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "important",
            },
         ],
         title: "CVE-2017-12762",
      },
      {
         cve: "CVE-2017-13080",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-13080",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-13080",
               url: "https://www.suse.com/security/cve/CVE-2017-13080",
            },
            {
               category: "external",
               summary: "SUSE Bug 1056061 for CVE-2017-13080",
               url: "https://bugzilla.suse.com/1056061",
            },
            {
               category: "external",
               summary: "SUSE Bug 1063479 for CVE-2017-13080",
               url: "https://bugzilla.suse.com/1063479",
            },
            {
               category: "external",
               summary: "SUSE Bug 1063667 for CVE-2017-13080",
               url: "https://bugzilla.suse.com/1063667",
            },
            {
               category: "external",
               summary: "SUSE Bug 1063671 for CVE-2017-13080",
               url: "https://bugzilla.suse.com/1063671",
            },
            {
               category: "external",
               summary: "SUSE Bug 1066295 for CVE-2017-13080",
               url: "https://bugzilla.suse.com/1066295",
            },
            {
               category: "external",
               summary: "SUSE Bug 1105108 for CVE-2017-13080",
               url: "https://bugzilla.suse.com/1105108",
            },
            {
               category: "external",
               summary: "SUSE Bug 1178872 for CVE-2017-13080",
               url: "https://bugzilla.suse.com/1178872",
            },
            {
               category: "external",
               summary: "SUSE Bug 1179588 for CVE-2017-13080",
               url: "https://bugzilla.suse.com/1179588",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 8.1,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "important",
            },
         ],
         title: "CVE-2017-13080",
      },
      {
         cve: "CVE-2017-14051",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-14051",
            },
         ],
         notes: [
            {
               category: "general",
               text: "An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory corruption and system crash) by leveraging root access.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-14051",
               url: "https://www.suse.com/security/cve/CVE-2017-14051",
            },
            {
               category: "external",
               summary: "SUSE Bug 1056588 for CVE-2017-14051",
               url: "https://bugzilla.suse.com/1056588",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-14051",
      },
      {
         cve: "CVE-2017-14106",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-14106",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-14106",
               url: "https://www.suse.com/security/cve/CVE-2017-14106",
            },
            {
               category: "external",
               summary: "SUSE Bug 1056982 for CVE-2017-14106",
               url: "https://bugzilla.suse.com/1056982",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-14106",
      },
      {
         cve: "CVE-2017-14140",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-14140",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-14140",
               url: "https://www.suse.com/security/cve/CVE-2017-14140",
            },
            {
               category: "external",
               summary: "SUSE Bug 1057179 for CVE-2017-14140",
               url: "https://bugzilla.suse.com/1057179",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 3.3,
                  baseSeverity: "LOW",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "low",
            },
         ],
         title: "CVE-2017-14140",
      },
      {
         cve: "CVE-2017-15265",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-15265",
            },
         ],
         notes: [
            {
               category: "general",
               text: "Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-15265",
               url: "https://www.suse.com/security/cve/CVE-2017-15265",
            },
            {
               category: "external",
               summary: "SUSE Bug 1062520 for CVE-2017-15265",
               url: "https://bugzilla.suse.com/1062520",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-15265",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-15265",
      },
      {
         cve: "CVE-2017-15274",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-15274",
            },
         ],
         notes: [
            {
               category: "general",
               text: "security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-15274",
               url: "https://www.suse.com/security/cve/CVE-2017-15274",
            },
            {
               category: "external",
               summary: "SUSE Bug 1045327 for CVE-2017-15274",
               url: "https://bugzilla.suse.com/1045327",
            },
            {
               category: "external",
               summary: "SUSE Bug 1062471 for CVE-2017-15274",
               url: "https://bugzilla.suse.com/1062471",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-15274",
      },
      {
         cve: "CVE-2017-15649",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-15649",
            },
         ],
         notes: [
            {
               category: "general",
               text: "net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-15649",
               url: "https://www.suse.com/security/cve/CVE-2017-15649",
            },
            {
               category: "external",
               summary: "SUSE Bug 1064388 for CVE-2017-15649",
               url: "https://bugzilla.suse.com/1064388",
            },
            {
               category: "external",
               summary: "SUSE Bug 1064392 for CVE-2017-15649",
               url: "https://bugzilla.suse.com/1064392",
            },
            {
               category: "external",
               summary: "SUSE Bug 1087082 for CVE-2017-15649",
               url: "https://bugzilla.suse.com/1087082",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "important",
            },
         ],
         title: "CVE-2017-15649",
      },
      {
         cve: "CVE-2017-7482",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-7482",
            },
         ],
         notes: [
            {
               category: "general",
               text: "In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory corruption and possible privilege escalation.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-7482",
               url: "https://www.suse.com/security/cve/CVE-2017-7482",
            },
            {
               category: "external",
               summary: "SUSE Bug 1046107 for CVE-2017-7482",
               url: "https://bugzilla.suse.com/1046107",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-7482",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.6,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-7482",
      },
      {
         cve: "CVE-2017-7487",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-7487",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-7487",
               url: "https://www.suse.com/security/cve/CVE-2017-7487",
            },
            {
               category: "external",
               summary: "SUSE Bug 1038879 for CVE-2017-7487",
               url: "https://bugzilla.suse.com/1038879",
            },
            {
               category: "external",
               summary: "SUSE Bug 1038883 for CVE-2017-7487",
               url: "https://bugzilla.suse.com/1038883",
            },
            {
               category: "external",
               summary: "SUSE Bug 1038981 for CVE-2017-7487",
               url: "https://bugzilla.suse.com/1038981",
            },
            {
               category: "external",
               summary: "SUSE Bug 1038982 for CVE-2017-7487",
               url: "https://bugzilla.suse.com/1038982",
            },
            {
               category: "external",
               summary: "SUSE Bug 1072204 for CVE-2017-7487",
               url: "https://bugzilla.suse.com/1072204",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-7487",
               url: "https://bugzilla.suse.com/1115893",
            },
            {
               category: "external",
               summary: "SUSE Bug 870618 for CVE-2017-7487",
               url: "https://bugzilla.suse.com/870618",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.1",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-7487",
      },
      {
         cve: "CVE-2017-7518",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-7518",
            },
         ],
         notes: [
            {
               category: "general",
               text: "A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-7518",
               url: "https://www.suse.com/security/cve/CVE-2017-7518",
            },
            {
               category: "external",
               summary: "SUSE Bug 1045922 for CVE-2017-7518",
               url: "https://bugzilla.suse.com/1045922",
            },
            {
               category: "external",
               summary: "SUSE Bug 1087082 for CVE-2017-7518",
               url: "https://bugzilla.suse.com/1087082",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.3,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-7518",
      },
      {
         cve: "CVE-2017-7541",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-7541",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-7541",
               url: "https://www.suse.com/security/cve/CVE-2017-7541",
            },
            {
               category: "external",
               summary: "SUSE Bug 1049645 for CVE-2017-7541",
               url: "https://bugzilla.suse.com/1049645",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.2,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-7541",
      },
      {
         cve: "CVE-2017-7542",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-7542",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-7542",
               url: "https://www.suse.com/security/cve/CVE-2017-7542",
            },
            {
               category: "external",
               summary: "SUSE Bug 1049882 for CVE-2017-7542",
               url: "https://bugzilla.suse.com/1049882",
            },
            {
               category: "external",
               summary: "SUSE Bug 1061936 for CVE-2017-7542",
               url: "https://bugzilla.suse.com/1061936",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.2,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-7542",
      },
      {
         cve: "CVE-2017-7889",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-7889",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-7889",
               url: "https://www.suse.com/security/cve/CVE-2017-7889",
            },
            {
               category: "external",
               summary: "SUSE Bug 1034405 for CVE-2017-7889",
               url: "https://bugzilla.suse.com/1034405",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.9,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-7889",
      },
      {
         cve: "CVE-2017-8831",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-8831",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a \"double fetch\" vulnerability.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-8831",
               url: "https://www.suse.com/security/cve/CVE-2017-8831",
            },
            {
               category: "external",
               summary: "SUSE Bug 1037994 for CVE-2017-8831",
               url: "https://bugzilla.suse.com/1037994",
            },
            {
               category: "external",
               summary: "SUSE Bug 1061936 for CVE-2017-8831",
               url: "https://bugzilla.suse.com/1061936",
            },
            {
               category: "external",
               summary: "SUSE Bug 1087082 for CVE-2017-8831",
               url: "https://bugzilla.suse.com/1087082",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-8831",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.7,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-8831",
      },
      {
         cve: "CVE-2017-8890",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-8890",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-8890",
               url: "https://www.suse.com/security/cve/CVE-2017-8890",
            },
            {
               category: "external",
               summary: "SUSE Bug 1038544 for CVE-2017-8890",
               url: "https://bugzilla.suse.com/1038544",
            },
            {
               category: "external",
               summary: "SUSE Bug 1038564 for CVE-2017-8890",
               url: "https://bugzilla.suse.com/1038564",
            },
            {
               category: "external",
               summary: "SUSE Bug 1039883 for CVE-2017-8890",
               url: "https://bugzilla.suse.com/1039883",
            },
            {
               category: "external",
               summary: "SUSE Bug 1039885 for CVE-2017-8890",
               url: "https://bugzilla.suse.com/1039885",
            },
            {
               category: "external",
               summary: "SUSE Bug 1040069 for CVE-2017-8890",
               url: "https://bugzilla.suse.com/1040069",
            },
            {
               category: "external",
               summary: "SUSE Bug 1042364 for CVE-2017-8890",
               url: "https://bugzilla.suse.com/1042364",
            },
            {
               category: "external",
               summary: "SUSE Bug 1051906 for CVE-2017-8890",
               url: "https://bugzilla.suse.com/1051906",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-8890",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "important",
            },
         ],
         title: "CVE-2017-8890",
      },
      {
         cve: "CVE-2017-8924",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-8924",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-8924",
               url: "https://www.suse.com/security/cve/CVE-2017-8924",
            },
            {
               category: "external",
               summary: "SUSE Bug 1037182 for CVE-2017-8924",
               url: "https://bugzilla.suse.com/1037182",
            },
            {
               category: "external",
               summary: "SUSE Bug 1038981 for CVE-2017-8924",
               url: "https://bugzilla.suse.com/1038981",
            },
            {
               category: "external",
               summary: "SUSE Bug 1038982 for CVE-2017-8924",
               url: "https://bugzilla.suse.com/1038982",
            },
            {
               category: "external",
               summary: "SUSE Bug 870618 for CVE-2017-8924",
               url: "https://bugzilla.suse.com/870618",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "low",
            },
         ],
         title: "CVE-2017-8924",
      },
      {
         cve: "CVE-2017-8925",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-8925",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-8925",
               url: "https://www.suse.com/security/cve/CVE-2017-8925",
            },
            {
               category: "external",
               summary: "SUSE Bug 1037183 for CVE-2017-8925",
               url: "https://bugzilla.suse.com/1037183",
            },
            {
               category: "external",
               summary: "SUSE Bug 1038981 for CVE-2017-8925",
               url: "https://bugzilla.suse.com/1038981",
            },
            {
               category: "external",
               summary: "SUSE Bug 1038982 for CVE-2017-8925",
               url: "https://bugzilla.suse.com/1038982",
            },
            {
               category: "external",
               summary: "SUSE Bug 870618 for CVE-2017-8925",
               url: "https://bugzilla.suse.com/870618",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 4,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "low",
            },
         ],
         title: "CVE-2017-8925",
      },
      {
         cve: "CVE-2017-9074",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-9074",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-9074",
               url: "https://www.suse.com/security/cve/CVE-2017-9074",
            },
            {
               category: "external",
               summary: "SUSE Bug 1039882 for CVE-2017-9074",
               url: "https://bugzilla.suse.com/1039882",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-9074",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "moderate",
            },
         ],
         title: "CVE-2017-9074",
      },
      {
         cve: "CVE-2017-9075",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-9075",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-9075",
               url: "https://www.suse.com/security/cve/CVE-2017-9075",
            },
            {
               category: "external",
               summary: "SUSE Bug 1038544 for CVE-2017-9075",
               url: "https://bugzilla.suse.com/1038544",
            },
            {
               category: "external",
               summary: "SUSE Bug 1039883 for CVE-2017-9075",
               url: "https://bugzilla.suse.com/1039883",
            },
            {
               category: "external",
               summary: "SUSE Bug 1051906 for CVE-2017-9075",
               url: "https://bugzilla.suse.com/1051906",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-9075",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "important",
            },
         ],
         title: "CVE-2017-9075",
      },
      {
         cve: "CVE-2017-9076",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-9076",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-9076",
               url: "https://www.suse.com/security/cve/CVE-2017-9076",
            },
            {
               category: "external",
               summary: "SUSE Bug 1038544 for CVE-2017-9076",
               url: "https://bugzilla.suse.com/1038544",
            },
            {
               category: "external",
               summary: "SUSE Bug 1039885 for CVE-2017-9076",
               url: "https://bugzilla.suse.com/1039885",
            },
            {
               category: "external",
               summary: "SUSE Bug 1040069 for CVE-2017-9076",
               url: "https://bugzilla.suse.com/1040069",
            },
            {
               category: "external",
               summary: "SUSE Bug 1051906 for CVE-2017-9076",
               url: "https://bugzilla.suse.com/1051906",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-9076",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 6.2,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "important",
            },
         ],
         title: "CVE-2017-9076",
      },
      {
         cve: "CVE-2017-9077",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-9077",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-9077",
               url: "https://www.suse.com/security/cve/CVE-2017-9077",
            },
            {
               category: "external",
               summary: "SUSE Bug 1038544 for CVE-2017-9077",
               url: "https://bugzilla.suse.com/1038544",
            },
            {
               category: "external",
               summary: "SUSE Bug 1040069 for CVE-2017-9077",
               url: "https://bugzilla.suse.com/1040069",
            },
            {
               category: "external",
               summary: "SUSE Bug 1042364 for CVE-2017-9077",
               url: "https://bugzilla.suse.com/1042364",
            },
            {
               category: "external",
               summary: "SUSE Bug 1115893 for CVE-2017-9077",
               url: "https://bugzilla.suse.com/1115893",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "important",
            },
         ],
         title: "CVE-2017-9077",
      },
      {
         cve: "CVE-2017-9242",
         ids: [
            {
               system_name: "SUSE CVE Page",
               text: "https://www.suse.com/security/cve/CVE-2017-9242",
            },
         ],
         notes: [
            {
               category: "general",
               text: "The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.",
               title: "CVE description",
            },
         ],
         product_status: {
            recommended: [
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
               "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
               "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
            ],
         },
         references: [
            {
               category: "external",
               summary: "CVE-2017-9242",
               url: "https://www.suse.com/security/cve/CVE-2017-9242",
            },
            {
               category: "external",
               summary: "SUSE Bug 1041431 for CVE-2017-9242",
               url: "https://bugzilla.suse.com/1041431",
            },
            {
               category: "external",
               summary: "SUSE Bug 1042892 for CVE-2017-9242",
               url: "https://bugzilla.suse.com/1042892",
            },
         ],
         remediations: [
            {
               category: "vendor_fix",
               details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
               product_ids: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         scores: [
            {
               cvss_v3: {
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  version: "3.0",
               },
               products: [
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.s390x",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.ppc64le",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.63.1.noarch",
                  "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.63.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-default-1-2.1.x86_64",
                  "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_63-xen-1-2.1.x86_64",
               ],
            },
         ],
         threats: [
            {
               category: "impact",
               date: "2017-10-30T15:09:11Z",
               details: "important",
            },
         ],
         title: "CVE-2017-9242",
      },
   ],
}

cve-2017-8831

Vulnerability from cvelistv5

Published

2017-05-08 06:10

Modified

2024-08-05 16:48

Severity ?

Summary

The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a "double fetch" vulnerability.

References

▼	URL	Tags
	https://github.com/stoth68000/media-tree/commit/354dd3924a2e43806774953de536257548b5002c	x_refsource_CONFIRM
	https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html	mailing-list, x_refsource_MLIST
	http://www.securityfocus.com/bid/99619	vdb-entry, x_refsource_BID
	https://bugzilla.kernel.org/show_bug.cgi?id=195559	x_refsource_MISC
	https://usn.ubuntu.com/3754-1/	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/archive/1/540770/30/0/threaded	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T16:48:22.575Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/stoth68000/media-tree/commit/354dd3924a2e43806774953de536257548b5002c",
               },
               {
                  name: "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html",
               },
               {
                  name: "99619",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/99619",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.kernel.org/show_bug.cgi?id=195559",
               },
               {
                  name: "USN-3754-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3754-1/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/archive/1/540770/30/0/threaded",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-05-07T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a \"double fetch\" vulnerability.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-08-24T09:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/stoth68000/media-tree/commit/354dd3924a2e43806774953de536257548b5002c",
            },
            {
               name: "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html",
            },
            {
               name: "99619",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/99619",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://bugzilla.kernel.org/show_bug.cgi?id=195559",
            },
            {
               name: "USN-3754-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3754-1/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://www.securityfocus.com/archive/1/540770/30/0/threaded",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-8831",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a \"double fetch\" vulnerability.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/stoth68000/media-tree/commit/354dd3924a2e43806774953de536257548b5002c",
                     refsource: "CONFIRM",
                     url: "https://github.com/stoth68000/media-tree/commit/354dd3924a2e43806774953de536257548b5002c",
                  },
                  {
                     name: "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html",
                  },
                  {
                     name: "99619",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/99619",
                  },
                  {
                     name: "https://bugzilla.kernel.org/show_bug.cgi?id=195559",
                     refsource: "MISC",
                     url: "https://bugzilla.kernel.org/show_bug.cgi?id=195559",
                  },
                  {
                     name: "USN-3754-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/3754-1/",
                  },
                  {
                     name: "http://www.securityfocus.com/archive/1/540770/30/0/threaded",
                     refsource: "MISC",
                     url: "http://www.securityfocus.com/archive/1/540770/30/0/threaded",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-8831",
      datePublished: "2017-05-08T06:10:00",
      dateReserved: "2017-05-07T00:00:00",
      dateUpdated: "2024-08-05T16:48:22.575Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-14051

Vulnerability from cvelistv5

Published

2017-08-31 04:00

Modified

2024-08-05 19:13

Severity ?

Summary

An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory corruption and system crash) by leveraging root access.

References

▼	URL	Tags
	https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html	mailing-list, x_refsource_MLIST
	https://usn.ubuntu.com/3583-2/	vendor-advisory, x_refsource_UBUNTU
	https://bugzilla.kernel.org/show_bug.cgi?id=194061	x_refsource_MISC
	http://www.securityfocus.com/bid/100571	vdb-entry, x_refsource_BID
	https://patchwork.kernel.org/patch/9929625/	x_refsource_MISC
	https://usn.ubuntu.com/3583-1/	vendor-advisory, x_refsource_UBUNTU

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T19:13:41.580Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html",
               },
               {
                  name: "USN-3583-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3583-2/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.kernel.org/show_bug.cgi?id=194061",
               },
               {
                  name: "100571",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/100571",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://patchwork.kernel.org/patch/9929625/",
               },
               {
                  name: "USN-3583-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3583-1/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-08-30T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory corruption and system crash) by leveraging root access.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-03-15T09:57:02",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html",
            },
            {
               name: "USN-3583-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3583-2/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://bugzilla.kernel.org/show_bug.cgi?id=194061",
            },
            {
               name: "100571",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/100571",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://patchwork.kernel.org/patch/9929625/",
            },
            {
               name: "USN-3583-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3583-1/",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-14051",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory corruption and system crash) by leveraging root access.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html",
                  },
                  {
                     name: "USN-3583-2",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/3583-2/",
                  },
                  {
                     name: "https://bugzilla.kernel.org/show_bug.cgi?id=194061",
                     refsource: "MISC",
                     url: "https://bugzilla.kernel.org/show_bug.cgi?id=194061",
                  },
                  {
                     name: "100571",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/100571",
                  },
                  {
                     name: "https://patchwork.kernel.org/patch/9929625/",
                     refsource: "MISC",
                     url: "https://patchwork.kernel.org/patch/9929625/",
                  },
                  {
                     name: "USN-3583-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/3583-1/",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-14051",
      datePublished: "2017-08-31T04:00:00",
      dateReserved: "2017-08-30T00:00:00",
      dateUpdated: "2024-08-05T19:13:41.580Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-7889

Vulnerability from cvelistv5

Published

2017-04-17 00:00

Modified

2024-08-05 16:19

Severity ?

Summary

The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c.

References

▼	URL	Tags
	https://github.com/torvalds/linux/commit/a4866aa812518ed1a37d8ea0c881dc946409de94	x_refsource_MISC
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a4866aa812518ed1a37d8ea0c881dc946409de94	x_refsource_MISC
	https://usn.ubuntu.com/3583-2/	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2017:2669	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:1854	vendor-advisory, x_refsource_REDHAT
	https://usn.ubuntu.com/3583-1/	vendor-advisory, x_refsource_UBUNTU
	http://www.debian.org/security/2017/dsa-3945	vendor-advisory, x_refsource_DEBIAN
	http://www.securityfocus.com/bid/97690	vdb-entry, x_refsource_BID
	https://access.redhat.com/errata/RHSA-2017:2077	vendor-advisory, x_refsource_REDHAT
	http://www.openwall.com/lists/oss-security/2017/04/16/4	x_refsource_MISC
	https://access.redhat.com/errata/RHSA-2017:1842	vendor-advisory, x_refsource_REDHAT
	https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=b8f254aa17f720053054c4ecff3920973a83b9d6	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T16:19:28.575Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/a4866aa812518ed1a37d8ea0c881dc946409de94",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a4866aa812518ed1a37d8ea0c881dc946409de94",
               },
               {
                  name: "USN-3583-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3583-2/",
               },
               {
                  name: "RHSA-2017:2669",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2669",
               },
               {
                  name: "RHSA-2018:1854",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:1854",
               },
               {
                  name: "USN-3583-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3583-1/",
               },
               {
                  name: "DSA-3945",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3945",
               },
               {
                  name: "97690",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/97690",
               },
               {
                  name: "RHSA-2017:2077",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2077",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2017/04/16/4",
               },
               {
                  name: "RHSA-2017:1842",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1842",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=b8f254aa17f720053054c4ecff3920973a83b9d6",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-04-16T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-01-05T20:01:31",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/torvalds/linux/commit/a4866aa812518ed1a37d8ea0c881dc946409de94",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a4866aa812518ed1a37d8ea0c881dc946409de94",
            },
            {
               name: "USN-3583-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3583-2/",
            },
            {
               name: "RHSA-2017:2669",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2669",
            },
            {
               name: "RHSA-2018:1854",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:1854",
            },
            {
               name: "USN-3583-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3583-1/",
            },
            {
               name: "DSA-3945",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3945",
            },
            {
               name: "97690",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/97690",
            },
            {
               name: "RHSA-2017:2077",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2077",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://www.openwall.com/lists/oss-security/2017/04/16/4",
            },
            {
               name: "RHSA-2017:1842",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1842",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=b8f254aa17f720053054c4ecff3920973a83b9d6",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-7889",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/torvalds/linux/commit/a4866aa812518ed1a37d8ea0c881dc946409de94",
                     refsource: "MISC",
                     url: "https://github.com/torvalds/linux/commit/a4866aa812518ed1a37d8ea0c881dc946409de94",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a4866aa812518ed1a37d8ea0c881dc946409de94",
                     refsource: "MISC",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a4866aa812518ed1a37d8ea0c881dc946409de94",
                  },
                  {
                     name: "USN-3583-2",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/3583-2/",
                  },
                  {
                     name: "RHSA-2017:2669",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2669",
                  },
                  {
                     name: "RHSA-2018:1854",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:1854",
                  },
                  {
                     name: "USN-3583-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/3583-1/",
                  },
                  {
                     name: "DSA-3945",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3945",
                  },
                  {
                     name: "97690",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/97690",
                  },
                  {
                     name: "RHSA-2017:2077",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2077",
                  },
                  {
                     name: "http://www.openwall.com/lists/oss-security/2017/04/16/4",
                     refsource: "MISC",
                     url: "http://www.openwall.com/lists/oss-security/2017/04/16/4",
                  },
                  {
                     name: "RHSA-2017:1842",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1842",
                  },
                  {
                     name: "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=b8f254aa17f720053054c4ecff3920973a83b9d6",
                     refsource: "CONFIRM",
                     url: "https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=b8f254aa17f720053054c4ecff3920973a83b9d6",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-7889",
      datePublished: "2017-04-17T00:00:00",
      dateReserved: "2017-04-16T00:00:00",
      dateUpdated: "2024-08-05T16:19:28.575Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-13080

Vulnerability from cvelistv5

Published

2017-10-17 13:00

Modified

2024-08-05 18:58

Severity ?

Summary

Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1039581	vdb-entry, x_refsource_SECTRACK
	https://support.apple.com/HT208221	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/101274	vdb-entry, x_refsource_BID
	http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html	vendor-advisory, x_refsource_SUSE
	https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html	mailing-list, x_refsource_MLIST
	http://www.debian.org/security/2017/dsa-3999	vendor-advisory, x_refsource_DEBIAN
	https://support.apple.com/HT208327	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039578	vdb-entry, x_refsource_SECTRACK
	https://support.apple.com/HT208325	x_refsource_CONFIRM
	https://access.redhat.com/security/vulnerabilities/kracks	x_refsource_CONFIRM
	https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa	vendor-advisory, x_refsource_CISCO
	https://access.redhat.com/errata/RHSA-2017:2911	vendor-advisory, x_refsource_REDHAT
	https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt	x_refsource_MISC
	http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039577	vdb-entry, x_refsource_SECTRACK
	http://www.securitytracker.com/id/1039572	vdb-entry, x_refsource_SECTRACK
	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03792en_us	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html	vendor-advisory, x_refsource_SUSE
	https://support.apple.com/HT208222	x_refsource_CONFIRM
	https://support.apple.com/HT208334	x_refsource_CONFIRM
	https://source.android.com/security/bulletin/2017-11-01	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/201711-03	vendor-advisory, x_refsource_GENTOO
	https://access.redhat.com/errata/RHSA-2017:2907	vendor-advisory, x_refsource_REDHAT
	https://support.lenovo.com/us/en/product_security/LEN-17420	x_refsource_CONFIRM
	https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc	vendor-advisory, x_refsource_FREEBSD
	https://www.krackattacks.com/	x_refsource_MISC
	http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039573	vdb-entry, x_refsource_SECTRACK
	http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html	vendor-advisory, x_refsource_SUSE
	http://www.securitytracker.com/id/1039576	vdb-entry, x_refsource_SECTRACK
	https://cert.vde.com/en-us/advisories/vde-2017-003	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039585	vdb-entry, x_refsource_SECTRACK
	http://www.kb.cert.org/vuls/id/228519	third-party-advisory, x_refsource_CERT-VN
	https://support.apple.com/HT208220	x_refsource_CONFIRM
	https://support.apple.com/HT208219	x_refsource_CONFIRM
	https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html	mailing-list, x_refsource_MLIST
	https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf	x_refsource_CONFIRM
	https://cert.vde.com/en-us/advisories/vde-2017-005	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1039703	vdb-entry, x_refsource_SECTRACK
	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-3455-1	vendor-advisory, x_refsource_UBUNTU
	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Wi-Fi Alliance	Wi-Fi Protected Access (WPA and WPA2)	Version: WPA Version: WPA2

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T18:58:12.283Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "1039581",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1039581",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/HT208221",
               },
               {
                  name: "101274",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/101274",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
               },
               {
                  name: "SUSE-SU-2017:2745",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html",
               },
               {
                  name: "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html",
               },
               {
                  name: "DSA-3999",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3999",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/HT208327",
               },
               {
                  name: "1039578",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1039578",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/HT208325",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/vulnerabilities/kracks",
               },
               {
                  name: "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_CISCO",
                     "x_transferred",
                  ],
                  url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa",
               },
               {
                  name: "RHSA-2017:2911",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2911",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
               },
               {
                  name: "1039577",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1039577",
               },
               {
                  name: "1039572",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1039572",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03792en_us",
               },
               {
                  name: "openSUSE-SU-2017:2755",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/HT208222",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/HT208334",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2017-11-01",
               },
               {
                  name: "GLSA-201711-03",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/201711-03",
               },
               {
                  name: "RHSA-2017:2907",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2907",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://support.lenovo.com/us/en/product_security/LEN-17420",
               },
               {
                  name: "FreeBSD-SA-17:07",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FREEBSD",
                     "x_transferred",
                  ],
                  url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.krackattacks.com/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
               },
               {
                  name: "1039573",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1039573",
               },
               {
                  name: "SUSE-SU-2017:2752",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html",
               },
               {
                  name: "1039576",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1039576",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://cert.vde.com/en-us/advisories/vde-2017-003",
               },
               {
                  name: "1039585",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1039585",
               },
               {
                  name: "VU#228519",
                  tags: [
                     "third-party-advisory",
                     "x_refsource_CERT-VN",
                     "x_transferred",
                  ],
                  url: "http://www.kb.cert.org/vuls/id/228519",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/HT208220",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://support.apple.com/HT208219",
               },
               {
                  name: "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://cert.vde.com/en-us/advisories/vde-2017-005",
               },
               {
                  name: "1039703",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1039703",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080",
               },
               {
                  name: "USN-3455-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "http://www.ubuntu.com/usn/USN-3455-1",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Wi-Fi Protected Access (WPA and WPA2)",
               vendor: "Wi-Fi Alliance",
               versions: [
                  {
                     status: "affected",
                     version: "WPA",
                  },
                  {
                     status: "affected",
                     version: "WPA2",
                  },
               ],
            },
         ],
         datePublic: "2017-10-16T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-323",
                     description: "CWE-323: Reusing a Nonce, Key Pair in Encryption",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-11-10T20:06:15",
            orgId: "37e5125f-f79b-445b-8fad-9564f167944b",
            shortName: "certcc",
         },
         references: [
            {
               name: "1039581",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1039581",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://support.apple.com/HT208221",
            },
            {
               name: "101274",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/101274",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
            },
            {
               name: "SUSE-SU-2017:2745",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html",
            },
            {
               name: "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html",
            },
            {
               name: "DSA-3999",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3999",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://support.apple.com/HT208327",
            },
            {
               name: "1039578",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1039578",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://support.apple.com/HT208325",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://access.redhat.com/security/vulnerabilities/kracks",
            },
            {
               name: "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
               tags: [
                  "vendor-advisory",
                  "x_refsource_CISCO",
               ],
               url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa",
            },
            {
               name: "RHSA-2017:2911",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2911",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
            },
            {
               name: "1039577",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1039577",
            },
            {
               name: "1039572",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1039572",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03792en_us",
            },
            {
               name: "openSUSE-SU-2017:2755",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://support.apple.com/HT208222",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://support.apple.com/HT208334",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2017-11-01",
            },
            {
               name: "GLSA-201711-03",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "https://security.gentoo.org/glsa/201711-03",
            },
            {
               name: "RHSA-2017:2907",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2907",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://support.lenovo.com/us/en/product_security/LEN-17420",
            },
            {
               name: "FreeBSD-SA-17:07",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FREEBSD",
               ],
               url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.krackattacks.com/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
            },
            {
               name: "1039573",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1039573",
            },
            {
               name: "SUSE-SU-2017:2752",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html",
            },
            {
               name: "1039576",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1039576",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://cert.vde.com/en-us/advisories/vde-2017-003",
            },
            {
               name: "1039585",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1039585",
            },
            {
               name: "VU#228519",
               tags: [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
               ],
               url: "http://www.kb.cert.org/vuls/id/228519",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://support.apple.com/HT208220",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://support.apple.com/HT208219",
            },
            {
               name: "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://cert.vde.com/en-us/advisories/vde-2017-005",
            },
            {
               name: "1039703",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1039703",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080",
            },
            {
               name: "USN-3455-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "http://www.ubuntu.com/usn/USN-3455-1",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cert@cert.org",
               ID: "CVE-2017-13080",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Wi-Fi Protected Access (WPA and WPA2)",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "WPA",
                                       },
                                       {
                                          version_value: "WPA2",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Wi-Fi Alliance",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-323: Reusing a Nonce, Key Pair in Encryption",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "1039581",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1039581",
                  },
                  {
                     name: "https://support.apple.com/HT208221",
                     refsource: "CONFIRM",
                     url: "https://support.apple.com/HT208221",
                  },
                  {
                     name: "101274",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/101274",
                  },
                  {
                     name: "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
                     refsource: "CONFIRM",
                     url: "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
                  },
                  {
                     name: "SUSE-SU-2017:2745",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00020.html",
                  },
                  {
                     name: "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html",
                  },
                  {
                     name: "DSA-3999",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3999",
                  },
                  {
                     name: "https://support.apple.com/HT208327",
                     refsource: "CONFIRM",
                     url: "https://support.apple.com/HT208327",
                  },
                  {
                     name: "1039578",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1039578",
                  },
                  {
                     name: "https://support.apple.com/HT208325",
                     refsource: "CONFIRM",
                     url: "https://support.apple.com/HT208325",
                  },
                  {
                     name: "https://access.redhat.com/security/vulnerabilities/kracks",
                     refsource: "CONFIRM",
                     url: "https://access.redhat.com/security/vulnerabilities/kracks",
                  },
                  {
                     name: "20171016 Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II",
                     refsource: "CISCO",
                     url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa",
                  },
                  {
                     name: "RHSA-2017:2911",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2911",
                  },
                  {
                     name: "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
                     refsource: "MISC",
                     url: "https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt",
                  },
                  {
                     name: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
                     refsource: "CONFIRM",
                     url: "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-007.txt",
                  },
                  {
                     name: "1039577",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1039577",
                  },
                  {
                     name: "1039572",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1039572",
                  },
                  {
                     name: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03792en_us",
                     refsource: "CONFIRM",
                     url: "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03792en_us",
                  },
                  {
                     name: "openSUSE-SU-2017:2755",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00024.html",
                  },
                  {
                     name: "https://support.apple.com/HT208222",
                     refsource: "CONFIRM",
                     url: "https://support.apple.com/HT208222",
                  },
                  {
                     name: "https://support.apple.com/HT208334",
                     refsource: "CONFIRM",
                     url: "https://support.apple.com/HT208334",
                  },
                  {
                     name: "https://source.android.com/security/bulletin/2017-11-01",
                     refsource: "CONFIRM",
                     url: "https://source.android.com/security/bulletin/2017-11-01",
                  },
                  {
                     name: "GLSA-201711-03",
                     refsource: "GENTOO",
                     url: "https://security.gentoo.org/glsa/201711-03",
                  },
                  {
                     name: "RHSA-2017:2907",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2907",
                  },
                  {
                     name: "https://support.lenovo.com/us/en/product_security/LEN-17420",
                     refsource: "CONFIRM",
                     url: "https://support.lenovo.com/us/en/product_security/LEN-17420",
                  },
                  {
                     name: "FreeBSD-SA-17:07",
                     refsource: "FREEBSD",
                     url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-17:07.wpa.asc",
                  },
                  {
                     name: "https://www.krackattacks.com/",
                     refsource: "MISC",
                     url: "https://www.krackattacks.com/",
                  },
                  {
                     name: "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
                     refsource: "CONFIRM",
                     url: "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html",
                  },
                  {
                     name: "1039573",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1039573",
                  },
                  {
                     name: "SUSE-SU-2017:2752",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00023.html",
                  },
                  {
                     name: "1039576",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1039576",
                  },
                  {
                     name: "https://cert.vde.com/en-us/advisories/vde-2017-003",
                     refsource: "CONFIRM",
                     url: "https://cert.vde.com/en-us/advisories/vde-2017-003",
                  },
                  {
                     name: "1039585",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1039585",
                  },
                  {
                     name: "VU#228519",
                     refsource: "CERT-VN",
                     url: "http://www.kb.cert.org/vuls/id/228519",
                  },
                  {
                     name: "https://support.apple.com/HT208220",
                     refsource: "CONFIRM",
                     url: "https://support.apple.com/HT208220",
                  },
                  {
                     name: "https://support.apple.com/HT208219",
                     refsource: "CONFIRM",
                     url: "https://support.apple.com/HT208219",
                  },
                  {
                     name: "[debian-lts-announce] 20181113 [SECURITY] [DLA 1573-1] firmware-nonfree security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2018/11/msg00015.html",
                  },
                  {
                     name: "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf",
                     refsource: "CONFIRM",
                     url: "https://cert-portal.siemens.com/productcert/pdf/ssa-901333.pdf",
                  },
                  {
                     name: "https://cert.vde.com/en-us/advisories/vde-2017-005",
                     refsource: "CONFIRM",
                     url: "https://cert.vde.com/en-us/advisories/vde-2017-005",
                  },
                  {
                     name: "1039703",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1039703",
                  },
                  {
                     name: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080",
                     refsource: "CONFIRM",
                     url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-13080",
                  },
                  {
                     name: "USN-3455-1",
                     refsource: "UBUNTU",
                     url: "http://www.ubuntu.com/usn/USN-3455-1",
                  },
                  {
                     name: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html",
                     refsource: "CONFIRM",
                     url: "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "37e5125f-f79b-445b-8fad-9564f167944b",
      assignerShortName: "certcc",
      cveId: "CVE-2017-13080",
      datePublished: "2017-10-17T13:00:00",
      dateReserved: "2017-08-22T00:00:00",
      dateUpdated: "2024-08-05T18:58:12.283Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-8890

Vulnerability from cvelistv5

Published

2017-05-10 16:00

Modified

2024-08-05 16:48

Severity ?

Summary

The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/98562	vdb-entry, x_refsource_BID
	https://source.android.com/security/bulletin/2017-09-01	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2669	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:1854	vendor-advisory, x_refsource_REDHAT
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=657831ffc38e30092a2d5f03d385d710eb88b09a	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/657831ffc38e30092a2d5f03d385d710eb88b09a	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2077	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2017/dsa-3886	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/errata/RHSA-2017:1842	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T16:48:22.695Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "98562",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/98562",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2017-09-01",
               },
               {
                  name: "RHSA-2017:2669",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2669",
               },
               {
                  name: "RHSA-2018:1854",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:1854",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=657831ffc38e30092a2d5f03d385d710eb88b09a",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/657831ffc38e30092a2d5f03d385d710eb88b09a",
               },
               {
                  name: "RHSA-2017:2077",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2077",
               },
               {
                  name: "DSA-3886",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3886",
               },
               {
                  name: "RHSA-2017:1842",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1842",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-05-10T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-06-19T09:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "98562",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/98562",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2017-09-01",
            },
            {
               name: "RHSA-2017:2669",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2669",
            },
            {
               name: "RHSA-2018:1854",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:1854",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=657831ffc38e30092a2d5f03d385d710eb88b09a",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/657831ffc38e30092a2d5f03d385d710eb88b09a",
            },
            {
               name: "RHSA-2017:2077",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2077",
            },
            {
               name: "DSA-3886",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3886",
            },
            {
               name: "RHSA-2017:1842",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1842",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-8890",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "98562",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/98562",
                  },
                  {
                     name: "https://source.android.com/security/bulletin/2017-09-01",
                     refsource: "CONFIRM",
                     url: "https://source.android.com/security/bulletin/2017-09-01",
                  },
                  {
                     name: "RHSA-2017:2669",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2669",
                  },
                  {
                     name: "RHSA-2018:1854",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:1854",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=657831ffc38e30092a2d5f03d385d710eb88b09a",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=657831ffc38e30092a2d5f03d385d710eb88b09a",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/657831ffc38e30092a2d5f03d385d710eb88b09a",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/657831ffc38e30092a2d5f03d385d710eb88b09a",
                  },
                  {
                     name: "RHSA-2017:2077",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2077",
                  },
                  {
                     name: "DSA-3886",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3886",
                  },
                  {
                     name: "RHSA-2017:1842",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1842",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-8890",
      datePublished: "2017-05-10T16:00:00",
      dateReserved: "2017-05-10T00:00:00",
      dateUpdated: "2024-08-05T16:48:22.695Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-9074

Vulnerability from cvelistv5

Published

2017-05-19 06:25

Modified

2024-08-05 16:55

Severity ?

Summary

The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/98577	vdb-entry, x_refsource_BID
	https://patchwork.ozlabs.org/patch/763117/	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/2423496af35d94a87156b063ea5cedffc10a70a1	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2018:0169	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:2669	vendor-advisory, x_refsource_REDHAT
	https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2077	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2017/dsa-3886	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/errata/RHSA-2017:1842	vendor-advisory, x_refsource_REDHAT
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2423496af35d94a87156b063ea5cedffc10a70a1	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T16:55:21.933Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "98577",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/98577",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://patchwork.ozlabs.org/patch/763117/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/2423496af35d94a87156b063ea5cedffc10a70a1",
               },
               {
                  name: "RHSA-2018:0169",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:0169",
               },
               {
                  name: "RHSA-2017:2669",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2669",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
               },
               {
                  name: "RHSA-2017:2077",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2077",
               },
               {
                  name: "DSA-3886",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3886",
               },
               {
                  name: "RHSA-2017:1842",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1842",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2423496af35d94a87156b063ea5cedffc10a70a1",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-05-19T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-11-30T20:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "98577",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/98577",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://patchwork.ozlabs.org/patch/763117/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/2423496af35d94a87156b063ea5cedffc10a70a1",
            },
            {
               name: "RHSA-2018:0169",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:0169",
            },
            {
               name: "RHSA-2017:2669",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2669",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
            },
            {
               name: "RHSA-2017:2077",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2077",
            },
            {
               name: "DSA-3886",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3886",
            },
            {
               name: "RHSA-2017:1842",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1842",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2423496af35d94a87156b063ea5cedffc10a70a1",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-9074",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "98577",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/98577",
                  },
                  {
                     name: "https://patchwork.ozlabs.org/patch/763117/",
                     refsource: "CONFIRM",
                     url: "https://patchwork.ozlabs.org/patch/763117/",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/2423496af35d94a87156b063ea5cedffc10a70a1",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/2423496af35d94a87156b063ea5cedffc10a70a1",
                  },
                  {
                     name: "RHSA-2018:0169",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:0169",
                  },
                  {
                     name: "RHSA-2017:2669",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2669",
                  },
                  {
                     name: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
                     refsource: "CONFIRM",
                     url: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
                  },
                  {
                     name: "RHSA-2017:2077",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2077",
                  },
                  {
                     name: "DSA-3886",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3886",
                  },
                  {
                     name: "RHSA-2017:1842",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1842",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2423496af35d94a87156b063ea5cedffc10a70a1",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2423496af35d94a87156b063ea5cedffc10a70a1",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-9074",
      datePublished: "2017-05-19T06:25:00",
      dateReserved: "2017-05-19T00:00:00",
      dateUpdated: "2024-08-05T16:55:21.933Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-8925

Vulnerability from cvelistv5

Published

2017-05-12 21:00

Modified

2024-08-05 16:48

Severity ?

Summary

The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling.

References

▼	URL	Tags
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.4	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/98462	vdb-entry, x_refsource_BID
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30572418b445d85fcfe6c8fe84c947d2606767d8	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/30572418b445d85fcfe6c8fe84c947d2606767d8	x_refsource_CONFIRM
	http://www.debian.org/security/2017/dsa-3886	vendor-advisory, x_refsource_DEBIAN

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T16:48:23.018Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.4",
               },
               {
                  name: "98462",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/98462",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30572418b445d85fcfe6c8fe84c947d2606767d8",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/30572418b445d85fcfe6c8fe84c947d2606767d8",
               },
               {
                  name: "DSA-3886",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3886",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-05-12T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-11-03T18:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.4",
            },
            {
               name: "98462",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/98462",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30572418b445d85fcfe6c8fe84c947d2606767d8",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/30572418b445d85fcfe6c8fe84c947d2606767d8",
            },
            {
               name: "DSA-3886",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3886",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-8925",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.4",
                     refsource: "CONFIRM",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.4",
                  },
                  {
                     name: "98462",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/98462",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30572418b445d85fcfe6c8fe84c947d2606767d8",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=30572418b445d85fcfe6c8fe84c947d2606767d8",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/30572418b445d85fcfe6c8fe84c947d2606767d8",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/30572418b445d85fcfe6c8fe84c947d2606767d8",
                  },
                  {
                     name: "DSA-3886",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3886",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-8925",
      datePublished: "2017-05-12T21:00:00",
      dateReserved: "2017-05-12T00:00:00",
      dateUpdated: "2024-08-05T16:48:23.018Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-7482

Vulnerability from cvelistv5

Published

2018-07-30 14:00

Modified

2024-08-05 16:04

Severity ?

7.1 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H

Summary

In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory corruption and possible privilege escalation.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/99299	vdb-entry, x_refsource_BID
	https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5f2f97656ada8d811d3c1bef503ced266fcd53a0	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1038787	vdb-entry, x_refsource_SECTRACK
	https://www.debian.org/security/2017/dsa-3927	vendor-advisory, x_refsource_DEBIAN
	https://www.debian.org/security/2017/dsa-3945	vendor-advisory, x_refsource_DEBIAN
	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7482	x_refsource_CONFIRM
	http://seclists.org/oss-sec/2017/q2/602	mailing-list, x_refsource_MLIST
	https://access.redhat.com/errata/RHSA-2019:0641	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	[UNKNOWN]	kernel:	Version: 4.12

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T16:04:11.726Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "99299",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/99299",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5f2f97656ada8d811d3c1bef503ced266fcd53a0",
               },
               {
                  name: "1038787",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1038787",
               },
               {
                  name: "DSA-3927",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "https://www.debian.org/security/2017/dsa-3927",
               },
               {
                  name: "DSA-3945",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "https://www.debian.org/security/2017/dsa-3945",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7482",
               },
               {
                  name: "[oss-security] 20170626 CVE-2017-7482 Linux kernel: krb5 ticket decode len check.",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://seclists.org/oss-sec/2017/q2/602",
               },
               {
                  name: "RHSA-2019:0641",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2019:0641",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "kernel:",
               vendor: "[UNKNOWN]",
               versions: [
                  {
                     status: "affected",
                     version: "4.12",
                  },
               ],
            },
         ],
         datePublic: "2017-04-27T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory corruption and possible privilege escalation.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 7.1,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "NONE",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-190",
                     description: "CWE-190",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2019-03-26T10:06:06",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "99299",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/99299",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5f2f97656ada8d811d3c1bef503ced266fcd53a0",
            },
            {
               name: "1038787",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1038787",
            },
            {
               name: "DSA-3927",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "https://www.debian.org/security/2017/dsa-3927",
            },
            {
               name: "DSA-3945",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "https://www.debian.org/security/2017/dsa-3945",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7482",
            },
            {
               name: "[oss-security] 20170626 CVE-2017-7482 Linux kernel: krb5 ticket decode len check.",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://seclists.org/oss-sec/2017/q2/602",
            },
            {
               name: "RHSA-2019:0641",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2019:0641",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "secalert@redhat.com",
               ID: "CVE-2017-7482",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "kernel:",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "4.12",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "[UNKNOWN]",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory corruption and possible privilege escalation.",
                  },
               ],
            },
            impact: {
               cvss: [
                  [
                     {
                        vectorString: "7.1/CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
                        version: "3.0",
                     },
                  ],
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-190",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "99299",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/99299",
                  },
                  {
                     name: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5f2f97656ada8d811d3c1bef503ced266fcd53a0",
                     refsource: "CONFIRM",
                     url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5f2f97656ada8d811d3c1bef503ced266fcd53a0",
                  },
                  {
                     name: "1038787",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1038787",
                  },
                  {
                     name: "DSA-3927",
                     refsource: "DEBIAN",
                     url: "https://www.debian.org/security/2017/dsa-3927",
                  },
                  {
                     name: "DSA-3945",
                     refsource: "DEBIAN",
                     url: "https://www.debian.org/security/2017/dsa-3945",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7482",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7482",
                  },
                  {
                     name: "[oss-security] 20170626 CVE-2017-7482 Linux kernel: krb5 ticket decode len check.",
                     refsource: "MLIST",
                     url: "http://seclists.org/oss-sec/2017/q2/602",
                  },
                  {
                     name: "RHSA-2019:0641",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2019:0641",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2017-7482",
      datePublished: "2018-07-30T14:00:00",
      dateReserved: "2017-04-05T00:00:00",
      dateUpdated: "2024-08-05T16:04:11.726Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-9076

Vulnerability from cvelistv5

Published

2017-05-19 06:25

Modified

2024-08-05 16:55

Severity ?

Summary

The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

References

▼	URL	Tags
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=83eaddab4378db256d00d295bda6ca997cd13a52	x_refsource_CONFIRM
	https://patchwork.ozlabs.org/patch/760370/	x_refsource_CONFIRM
	https://source.android.com/security/bulletin/2017-09-01	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/98586	vdb-entry, x_refsource_BID
	https://access.redhat.com/errata/RHSA-2017:2669	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:1854	vendor-advisory, x_refsource_REDHAT
	https://github.com/torvalds/linux/commit/83eaddab4378db256d00d295bda6ca997cd13a52	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2077	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2017/dsa-3886	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/errata/RHSA-2017:1842	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T16:55:22.127Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=83eaddab4378db256d00d295bda6ca997cd13a52",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://patchwork.ozlabs.org/patch/760370/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2017-09-01",
               },
               {
                  name: "98586",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/98586",
               },
               {
                  name: "RHSA-2017:2669",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2669",
               },
               {
                  name: "RHSA-2018:1854",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:1854",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/83eaddab4378db256d00d295bda6ca997cd13a52",
               },
               {
                  name: "RHSA-2017:2077",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2077",
               },
               {
                  name: "DSA-3886",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3886",
               },
               {
                  name: "RHSA-2017:1842",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1842",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-05-19T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-06-19T09:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=83eaddab4378db256d00d295bda6ca997cd13a52",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://patchwork.ozlabs.org/patch/760370/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2017-09-01",
            },
            {
               name: "98586",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/98586",
            },
            {
               name: "RHSA-2017:2669",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2669",
            },
            {
               name: "RHSA-2018:1854",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:1854",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/83eaddab4378db256d00d295bda6ca997cd13a52",
            },
            {
               name: "RHSA-2017:2077",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2077",
            },
            {
               name: "DSA-3886",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3886",
            },
            {
               name: "RHSA-2017:1842",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1842",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-9076",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=83eaddab4378db256d00d295bda6ca997cd13a52",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=83eaddab4378db256d00d295bda6ca997cd13a52",
                  },
                  {
                     name: "https://patchwork.ozlabs.org/patch/760370/",
                     refsource: "CONFIRM",
                     url: "https://patchwork.ozlabs.org/patch/760370/",
                  },
                  {
                     name: "https://source.android.com/security/bulletin/2017-09-01",
                     refsource: "CONFIRM",
                     url: "https://source.android.com/security/bulletin/2017-09-01",
                  },
                  {
                     name: "98586",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/98586",
                  },
                  {
                     name: "RHSA-2017:2669",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2669",
                  },
                  {
                     name: "RHSA-2018:1854",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:1854",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/83eaddab4378db256d00d295bda6ca997cd13a52",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/83eaddab4378db256d00d295bda6ca997cd13a52",
                  },
                  {
                     name: "RHSA-2017:2077",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2077",
                  },
                  {
                     name: "DSA-3886",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3886",
                  },
                  {
                     name: "RHSA-2017:1842",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1842",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-9076",
      datePublished: "2017-05-19T06:25:00",
      dateReserved: "2017-05-19T00:00:00",
      dateUpdated: "2024-08-05T16:55:22.127Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-11176

Vulnerability from cvelistv5

Published

2017-07-11 23:00

Modified

2024-08-05 17:57

Severity ?

Summary

The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact.

References

▼	URL	Tags
	http://www.debian.org/security/2017/dsa-3927	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/errata/RHSA-2018:0169	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:2918	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:2931	vendor-advisory, x_refsource_REDHAT
	https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/99919	vdb-entry, x_refsource_BID
	https://github.com/torvalds/linux/commit/f991af3daabaecff34684fd51fac80319d1baad1	x_refsource_CONFIRM
	http://www.debian.org/security/2017/dsa-3945	vendor-advisory, x_refsource_DEBIAN
	https://www.exploit-db.com/exploits/45553/	exploit, x_refsource_EXPLOIT-DB
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f991af3daabaecff34684fd51fac80319d1baad1	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2018:3822	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:2930	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T17:57:57.680Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "DSA-3927",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3927",
               },
               {
                  name: "RHSA-2018:0169",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:0169",
               },
               {
                  name: "RHSA-2017:2918",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2918",
               },
               {
                  name: "RHSA-2017:2931",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2931",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
               },
               {
                  name: "99919",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/99919",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/f991af3daabaecff34684fd51fac80319d1baad1",
               },
               {
                  name: "DSA-3945",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3945",
               },
               {
                  name: "45553",
                  tags: [
                     "exploit",
                     "x_refsource_EXPLOIT-DB",
                     "x_transferred",
                  ],
                  url: "https://www.exploit-db.com/exploits/45553/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f991af3daabaecff34684fd51fac80319d1baad1",
               },
               {
                  name: "RHSA-2018:3822",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:3822",
               },
               {
                  name: "RHSA-2017:2930",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2930",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-07-11T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-12-13T10:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "DSA-3927",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3927",
            },
            {
               name: "RHSA-2018:0169",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:0169",
            },
            {
               name: "RHSA-2017:2918",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2918",
            },
            {
               name: "RHSA-2017:2931",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2931",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
            },
            {
               name: "99919",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/99919",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/f991af3daabaecff34684fd51fac80319d1baad1",
            },
            {
               name: "DSA-3945",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3945",
            },
            {
               name: "45553",
               tags: [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
               ],
               url: "https://www.exploit-db.com/exploits/45553/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f991af3daabaecff34684fd51fac80319d1baad1",
            },
            {
               name: "RHSA-2018:3822",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:3822",
            },
            {
               name: "RHSA-2017:2930",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2930",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-11176",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "DSA-3927",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3927",
                  },
                  {
                     name: "RHSA-2018:0169",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:0169",
                  },
                  {
                     name: "RHSA-2017:2918",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2918",
                  },
                  {
                     name: "RHSA-2017:2931",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2931",
                  },
                  {
                     name: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
                     refsource: "CONFIRM",
                     url: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
                  },
                  {
                     name: "99919",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/99919",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/f991af3daabaecff34684fd51fac80319d1baad1",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/f991af3daabaecff34684fd51fac80319d1baad1",
                  },
                  {
                     name: "DSA-3945",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3945",
                  },
                  {
                     name: "45553",
                     refsource: "EXPLOIT-DB",
                     url: "https://www.exploit-db.com/exploits/45553/",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f991af3daabaecff34684fd51fac80319d1baad1",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f991af3daabaecff34684fd51fac80319d1baad1",
                  },
                  {
                     name: "RHSA-2018:3822",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:3822",
                  },
                  {
                     name: "RHSA-2017:2930",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2930",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-11176",
      datePublished: "2017-07-11T23:00:00",
      dateReserved: "2017-07-11T00:00:00",
      dateUpdated: "2024-08-05T17:57:57.680Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-1000363

Vulnerability from cvelistv5

Published

2017-07-13 20:00

Modified

2024-08-05 22:00

Severity ?

Summary

Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, where due to a vulnerability the adversary has partial control over the command line) can overflow the parport_nr array in the following code, by appending many (>LP_NO) 'lp=none' arguments to the command line.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/98651	vdb-entry, x_refsource_BID
	https://alephsecurity.com/vulns/aleph-2017023	x_refsource_MISC
	http://www.debian.org/security/2017/dsa-3945	vendor-advisory, x_refsource_DEBIAN

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T22:00:40.923Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "98651",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/98651",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://alephsecurity.com/vulns/aleph-2017023",
               },
               {
                  name: "DSA-3945",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3945",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-07-13T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, where due to a vulnerability the adversary has partial control over the command line) can overflow the parport_nr array in the following code, by appending many (>LP_NO) 'lp=none' arguments to the command line.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-11-03T18:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "98651",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/98651",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://alephsecurity.com/vulns/aleph-2017023",
            },
            {
               name: "DSA-3945",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3945",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-1000363",
               REQUESTER: "roee.hay@hcl.com",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, where due to a vulnerability the adversary has partial control over the command line) can overflow the parport_nr array in the following code, by appending many (>LP_NO) 'lp=none' arguments to the command line.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "98651",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/98651",
                  },
                  {
                     name: "https://alephsecurity.com/vulns/aleph-2017023",
                     refsource: "MISC",
                     url: "https://alephsecurity.com/vulns/aleph-2017023",
                  },
                  {
                     name: "DSA-3945",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3945",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-1000363",
      datePublished: "2017-07-13T20:00:00",
      dateReserved: "2017-07-10T00:00:00",
      dateUpdated: "2024-08-05T22:00:40.923Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-15274

Vulnerability from cvelistv5

Published

2017-10-12 00:00

Modified

2024-08-05 19:50

Severity ?

Summary

security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192.

References

▼	URL	Tags
	https://github.com/torvalds/linux/commit/5649645d725c73df4302428ee4e02c869248b4c5	x_refsource_CONFIRM
	https://patchwork.kernel.org/patch/9781573/	x_refsource_CONFIRM
	https://usn.ubuntu.com/3583-2/	vendor-advisory, x_refsource_UBUNTU
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.5	x_refsource_CONFIRM
	https://usn.ubuntu.com/3583-1/	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/101292	vdb-entry, x_refsource_BID
	https://bugzilla.suse.com/show_bug.cgi?id=1045327	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5649645d725c73df4302428ee4e02c869248b4c5	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2019:1946	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T19:50:16.470Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/5649645d725c73df4302428ee4e02c869248b4c5",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://patchwork.kernel.org/patch/9781573/",
               },
               {
                  name: "USN-3583-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3583-2/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.5",
               },
               {
                  name: "USN-3583-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3583-1/",
               },
               {
                  name: "101292",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/101292",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.suse.com/show_bug.cgi?id=1045327",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5649645d725c73df4302428ee4e02c869248b4c5",
               },
               {
                  name: "RHSA-2019:1946",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2019:1946",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-10-11T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2019-07-30T12:06:06",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/5649645d725c73df4302428ee4e02c869248b4c5",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://patchwork.kernel.org/patch/9781573/",
            },
            {
               name: "USN-3583-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3583-2/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.5",
            },
            {
               name: "USN-3583-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3583-1/",
            },
            {
               name: "101292",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/101292",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.suse.com/show_bug.cgi?id=1045327",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5649645d725c73df4302428ee4e02c869248b4c5",
            },
            {
               name: "RHSA-2019:1946",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2019:1946",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-15274",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://github.com/torvalds/linux/commit/5649645d725c73df4302428ee4e02c869248b4c5",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/5649645d725c73df4302428ee4e02c869248b4c5",
                  },
                  {
                     name: "https://patchwork.kernel.org/patch/9781573/",
                     refsource: "CONFIRM",
                     url: "https://patchwork.kernel.org/patch/9781573/",
                  },
                  {
                     name: "USN-3583-2",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/3583-2/",
                  },
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.5",
                     refsource: "CONFIRM",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.5",
                  },
                  {
                     name: "USN-3583-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/3583-1/",
                  },
                  {
                     name: "101292",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/101292",
                  },
                  {
                     name: "https://bugzilla.suse.com/show_bug.cgi?id=1045327",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.suse.com/show_bug.cgi?id=1045327",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5649645d725c73df4302428ee4e02c869248b4c5",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5649645d725c73df4302428ee4e02c869248b4c5",
                  },
                  {
                     name: "RHSA-2019:1946",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2019:1946",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-15274",
      datePublished: "2017-10-12T00:00:00",
      dateReserved: "2017-10-11T00:00:00",
      dateUpdated: "2024-08-05T19:50:16.470Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-1000380

Vulnerability from cvelistv5

Published

2017-06-17 18:00

Modified

2024-08-05 22:00

Severity ?

Summary

sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time.

References

▼	URL	Tags
	https://access.redhat.com/errata/RHSA-2017:3315	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:3322	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:3295	vendor-advisory, x_refsource_REDHAT
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.5	x_refsource_MISC
	https://github.com/torvalds/linux/commit/ba3021b2c79b2fa9114f92790a99deb27a65b728	x_refsource_MISC
	http://www.openwall.com/lists/oss-security/2017/06/12/2	x_refsource_MISC
	http://www.debian.org/security/2017/dsa-3981	vendor-advisory, x_refsource_DEBIAN
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ba3021b2c79b2fa9114f92790a99deb27a65b728	x_refsource_MISC
	https://source.android.com/security/bulletin/pixel/2017-12-01	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/d11662f4f798b50d8c8743f433842c3e40fe3378	x_refsource_MISC
	http://www.securityfocus.com/bid/99121	vdb-entry, x_refsource_BID
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d11662f4f798b50d8c8743f433842c3e40fe3378	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T22:00:39.924Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2017:3315",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:3315",
               },
               {
                  name: "RHSA-2017:3322",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:3322",
               },
               {
                  name: "RHSA-2017:3295",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:3295",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.5",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/ba3021b2c79b2fa9114f92790a99deb27a65b728",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2017/06/12/2",
               },
               {
                  name: "DSA-3981",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3981",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ba3021b2c79b2fa9114f92790a99deb27a65b728",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/pixel/2017-12-01",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/d11662f4f798b50d8c8743f433842c3e40fe3378",
               },
               {
                  name: "99121",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/99121",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d11662f4f798b50d8c8743f433842c3e40fe3378",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-06-17T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-12-05T19:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "RHSA-2017:3315",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:3315",
            },
            {
               name: "RHSA-2017:3322",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:3322",
            },
            {
               name: "RHSA-2017:3295",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:3295",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.5",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/torvalds/linux/commit/ba3021b2c79b2fa9114f92790a99deb27a65b728",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://www.openwall.com/lists/oss-security/2017/06/12/2",
            },
            {
               name: "DSA-3981",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3981",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ba3021b2c79b2fa9114f92790a99deb27a65b728",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/pixel/2017-12-01",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/torvalds/linux/commit/d11662f4f798b50d8c8743f433842c3e40fe3378",
            },
            {
               name: "99121",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/99121",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d11662f4f798b50d8c8743f433842c3e40fe3378",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-1000380",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "RHSA-2017:3315",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:3315",
                  },
                  {
                     name: "RHSA-2017:3322",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:3322",
                  },
                  {
                     name: "RHSA-2017:3295",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:3295",
                  },
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.5",
                     refsource: "MISC",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.11.5",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/ba3021b2c79b2fa9114f92790a99deb27a65b728",
                     refsource: "MISC",
                     url: "https://github.com/torvalds/linux/commit/ba3021b2c79b2fa9114f92790a99deb27a65b728",
                  },
                  {
                     name: "http://www.openwall.com/lists/oss-security/2017/06/12/2",
                     refsource: "MISC",
                     url: "http://www.openwall.com/lists/oss-security/2017/06/12/2",
                  },
                  {
                     name: "DSA-3981",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3981",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ba3021b2c79b2fa9114f92790a99deb27a65b728",
                     refsource: "MISC",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ba3021b2c79b2fa9114f92790a99deb27a65b728",
                  },
                  {
                     name: "https://source.android.com/security/bulletin/pixel/2017-12-01",
                     refsource: "CONFIRM",
                     url: "https://source.android.com/security/bulletin/pixel/2017-12-01",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/d11662f4f798b50d8c8743f433842c3e40fe3378",
                     refsource: "MISC",
                     url: "https://github.com/torvalds/linux/commit/d11662f4f798b50d8c8743f433842c3e40fe3378",
                  },
                  {
                     name: "99121",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/99121",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d11662f4f798b50d8c8743f433842c3e40fe3378",
                     refsource: "MISC",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d11662f4f798b50d8c8743f433842c3e40fe3378",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-1000380",
      datePublished: "2017-06-17T18:00:00",
      dateReserved: "2017-06-13T00:00:00",
      dateUpdated: "2024-08-05T22:00:39.924Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-9075

Vulnerability from cvelistv5

Published

2017-05-19 06:25

Modified

2024-08-05 16:55

Severity ?

Summary

The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/98597	vdb-entry, x_refsource_BID
	https://access.redhat.com/errata/RHSA-2017:2669	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:1854	vendor-advisory, x_refsource_REDHAT
	https://source.android.com/security/bulletin/2017-10-01	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2077	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2017/dsa-3886	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/errata/RHSA-2017:1842	vendor-advisory, x_refsource_REDHAT
	https://patchwork.ozlabs.org/patch/763569/	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T16:55:22.125Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "98597",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/98597",
               },
               {
                  name: "RHSA-2017:2669",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2669",
               },
               {
                  name: "RHSA-2018:1854",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:1854",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2017-10-01",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8",
               },
               {
                  name: "RHSA-2017:2077",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2077",
               },
               {
                  name: "DSA-3886",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3886",
               },
               {
                  name: "RHSA-2017:1842",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1842",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://patchwork.ozlabs.org/patch/763569/",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-05-19T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-06-19T09:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "98597",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/98597",
            },
            {
               name: "RHSA-2017:2669",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2669",
            },
            {
               name: "RHSA-2018:1854",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:1854",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2017-10-01",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8",
            },
            {
               name: "RHSA-2017:2077",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2077",
            },
            {
               name: "DSA-3886",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3886",
            },
            {
               name: "RHSA-2017:1842",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1842",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://patchwork.ozlabs.org/patch/763569/",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-9075",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "98597",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/98597",
                  },
                  {
                     name: "RHSA-2017:2669",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2669",
                  },
                  {
                     name: "RHSA-2018:1854",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:1854",
                  },
                  {
                     name: "https://source.android.com/security/bulletin/2017-10-01",
                     refsource: "CONFIRM",
                     url: "https://source.android.com/security/bulletin/2017-10-01",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/fdcee2cbb8438702ea1b328fb6e0ac5e9a40c7f8",
                  },
                  {
                     name: "RHSA-2017:2077",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2077",
                  },
                  {
                     name: "DSA-3886",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3886",
                  },
                  {
                     name: "RHSA-2017:1842",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1842",
                  },
                  {
                     name: "https://patchwork.ozlabs.org/patch/763569/",
                     refsource: "CONFIRM",
                     url: "https://patchwork.ozlabs.org/patch/763569/",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-9075",
      datePublished: "2017-05-19T06:25:00",
      dateReserved: "2017-05-19T00:00:00",
      dateUpdated: "2024-08-05T16:55:22.125Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-9242

Vulnerability from cvelistv5

Published

2017-05-27 00:00

Modified

2024-08-05 17:02

Severity ?

Summary

The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/98731	vdb-entry, x_refsource_BID
	https://patchwork.ozlabs.org/patch/764880/	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/232cd35d0804cc241eb887bb8d4d9b3b9881c64a	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=232cd35d0804cc241eb887bb8d4d9b3b9881c64a	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2077	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2017/dsa-3886	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/errata/RHSA-2017:1842	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T17:02:43.389Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "98731",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/98731",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://patchwork.ozlabs.org/patch/764880/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/232cd35d0804cc241eb887bb8d4d9b3b9881c64a",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=232cd35d0804cc241eb887bb8d4d9b3b9881c64a",
               },
               {
                  name: "RHSA-2017:2077",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2077",
               },
               {
                  name: "DSA-3886",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3886",
               },
               {
                  name: "RHSA-2017:1842",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1842",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-05-26T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-01-04T19:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "98731",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/98731",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://patchwork.ozlabs.org/patch/764880/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/232cd35d0804cc241eb887bb8d4d9b3b9881c64a",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=232cd35d0804cc241eb887bb8d4d9b3b9881c64a",
            },
            {
               name: "RHSA-2017:2077",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2077",
            },
            {
               name: "DSA-3886",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3886",
            },
            {
               name: "RHSA-2017:1842",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1842",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-9242",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "98731",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/98731",
                  },
                  {
                     name: "https://patchwork.ozlabs.org/patch/764880/",
                     refsource: "CONFIRM",
                     url: "https://patchwork.ozlabs.org/patch/764880/",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/232cd35d0804cc241eb887bb8d4d9b3b9881c64a",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/232cd35d0804cc241eb887bb8d4d9b3b9881c64a",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=232cd35d0804cc241eb887bb8d4d9b3b9881c64a",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=232cd35d0804cc241eb887bb8d4d9b3b9881c64a",
                  },
                  {
                     name: "RHSA-2017:2077",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2077",
                  },
                  {
                     name: "DSA-3886",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3886",
                  },
                  {
                     name: "RHSA-2017:1842",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1842",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-9242",
      datePublished: "2017-05-27T00:00:00",
      dateReserved: "2017-05-26T00:00:00",
      dateUpdated: "2024-08-05T17:02:43.389Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-14106

Vulnerability from cvelistv5

Published

2017-09-01 16:00

Modified

2024-08-05 19:20

Severity ?

Summary

The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path.

References

▼	URL	Tags
	https://access.redhat.com/errata/RHSA-2017:3200	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html	vendor-advisory, x_refsource_SUSE
	https://access.redhat.com/errata/RHSA-2017:2918	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:2931	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/100878	vdb-entry, x_refsource_BID
	http://www.debian.org/security/2017/dsa-3981	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/errata/RHSA-2018:2172	vendor-advisory, x_refsource_REDHAT
	https://github.com/torvalds/linux/commit/499350a5a6e7512d9ed369ed63a4244b6536f4f8	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=499350a5a6e7512d9ed369ed63a4244b6536f4f8	x_refsource_CONFIRM
	https://www.mail-archive.com/netdev%40vger.kernel.org/msg186255.html	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2930	vendor-advisory, x_refsource_REDHAT
	http://www.securitytracker.com/id/1039549	vdb-entry, x_refsource_SECTRACK

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T19:20:39.873Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2017:3200",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:3200",
               },
               {
                  name: "SUSE-SU-2018:0011",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html",
               },
               {
                  name: "RHSA-2017:2918",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2918",
               },
               {
                  name: "RHSA-2017:2931",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2931",
               },
               {
                  name: "100878",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/100878",
               },
               {
                  name: "DSA-3981",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3981",
               },
               {
                  name: "RHSA-2018:2172",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:2172",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/499350a5a6e7512d9ed369ed63a4244b6536f4f8",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=499350a5a6e7512d9ed369ed63a4244b6536f4f8",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://www.mail-archive.com/netdev%40vger.kernel.org/msg186255.html",
               },
               {
                  name: "RHSA-2017:2930",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2930",
               },
               {
                  name: "1039549",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1039549",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-09-01T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-07-12T09:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "RHSA-2017:3200",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:3200",
            },
            {
               name: "SUSE-SU-2018:0011",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html",
            },
            {
               name: "RHSA-2017:2918",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2918",
            },
            {
               name: "RHSA-2017:2931",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2931",
            },
            {
               name: "100878",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/100878",
            },
            {
               name: "DSA-3981",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3981",
            },
            {
               name: "RHSA-2018:2172",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:2172",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/499350a5a6e7512d9ed369ed63a4244b6536f4f8",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=499350a5a6e7512d9ed369ed63a4244b6536f4f8",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://www.mail-archive.com/netdev%40vger.kernel.org/msg186255.html",
            },
            {
               name: "RHSA-2017:2930",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2930",
            },
            {
               name: "1039549",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1039549",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-14106",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "RHSA-2017:3200",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:3200",
                  },
                  {
                     name: "SUSE-SU-2018:0011",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2018-01/msg00007.html",
                  },
                  {
                     name: "RHSA-2017:2918",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2918",
                  },
                  {
                     name: "RHSA-2017:2931",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2931",
                  },
                  {
                     name: "100878",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/100878",
                  },
                  {
                     name: "DSA-3981",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3981",
                  },
                  {
                     name: "RHSA-2018:2172",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:2172",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/499350a5a6e7512d9ed369ed63a4244b6536f4f8",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/499350a5a6e7512d9ed369ed63a4244b6536f4f8",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=499350a5a6e7512d9ed369ed63a4244b6536f4f8",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=499350a5a6e7512d9ed369ed63a4244b6536f4f8",
                  },
                  {
                     name: "https://www.mail-archive.com/netdev@vger.kernel.org/msg186255.html",
                     refsource: "CONFIRM",
                     url: "https://www.mail-archive.com/netdev@vger.kernel.org/msg186255.html",
                  },
                  {
                     name: "RHSA-2017:2930",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2930",
                  },
                  {
                     name: "1039549",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1039549",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-14106",
      datePublished: "2017-09-01T16:00:00",
      dateReserved: "2017-09-01T00:00:00",
      dateUpdated: "2024-08-05T19:20:39.873Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-12762

Vulnerability from cvelistv5

Published

2017-08-09 21:00

Modified

2024-08-05 18:51

Severity ?

Summary

In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree.

References

▼	URL	Tags
	https://usn.ubuntu.com/3620-2/	vendor-advisory, x_refsource_UBUNTU
	https://patchwork.kernel.org/patch/9880041/	x_refsource_MISC
	http://www.securityfocus.com/bid/100251	vdb-entry, x_refsource_BID
	https://usn.ubuntu.com/3620-1/	vendor-advisory, x_refsource_UBUNTU
	http://www.openwall.com/lists/oss-security/2020/02/11/1	mailing-list, x_refsource_MLIST
	http://www.openwall.com/lists/oss-security/2020/02/11/2	mailing-list, x_refsource_MLIST
	http://www.openwall.com/lists/oss-security/2020/02/14/4	mailing-list, x_refsource_MLIST

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T18:51:05.643Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "USN-3620-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3620-2/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://patchwork.kernel.org/patch/9880041/",
               },
               {
                  name: "100251",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/100251",
               },
               {
                  name: "USN-3620-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3620-1/",
               },
               {
                  name: "[oss-security] 20200211 Potential regression and/or incomplete fix for CVE-2017-12762",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2020/02/11/1",
               },
               {
                  name: "[oss-security] 20200211 Re: Potential regression and/or incomplete fix for CVE-2017-12762",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2020/02/11/2",
               },
               {
                  name: "[oss-security] 20200214 Re: Potential regression and/or incomplete fix for CVE-2017-12762",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2020/02/14/4",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-08-03T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-02-14T12:06:04",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "USN-3620-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3620-2/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://patchwork.kernel.org/patch/9880041/",
            },
            {
               name: "100251",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/100251",
            },
            {
               name: "USN-3620-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3620-1/",
            },
            {
               name: "[oss-security] 20200211 Potential regression and/or incomplete fix for CVE-2017-12762",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2020/02/11/1",
            },
            {
               name: "[oss-security] 20200211 Re: Potential regression and/or incomplete fix for CVE-2017-12762",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2020/02/11/2",
            },
            {
               name: "[oss-security] 20200214 Re: Potential regression and/or incomplete fix for CVE-2017-12762",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2020/02/14/4",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-12762",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "USN-3620-2",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/3620-2/",
                  },
                  {
                     name: "https://patchwork.kernel.org/patch/9880041/",
                     refsource: "MISC",
                     url: "https://patchwork.kernel.org/patch/9880041/",
                  },
                  {
                     name: "100251",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/100251",
                  },
                  {
                     name: "USN-3620-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/3620-1/",
                  },
                  {
                     name: "[oss-security] 20200211 Potential regression and/or incomplete fix for CVE-2017-12762",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2020/02/11/1",
                  },
                  {
                     name: "[oss-security] 20200211 Re: Potential regression and/or incomplete fix for CVE-2017-12762",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2020/02/11/2",
                  },
                  {
                     name: "[oss-security] 20200214 Re: Potential regression and/or incomplete fix for CVE-2017-12762",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2020/02/14/4",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-12762",
      datePublished: "2017-08-09T21:00:00",
      dateReserved: "2017-08-09T00:00:00",
      dateUpdated: "2024-08-05T18:51:05.643Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-12153

Vulnerability from cvelistv5

Published

2017-09-21 15:00

Modified

2024-08-05 18:28

Severity ?

Summary

A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash.

References

▼	URL	Tags
	https://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211.git/commit/?id=e785fa0a164aa11001cba931367c7f94ffaff888	x_refsource_CONFIRM
	https://bugzilla.novell.com/show_bug.cgi?id=1058410	x_refsource_CONFIRM
	https://usn.ubuntu.com/3583-2/	vendor-advisory, x_refsource_UBUNTU
	http://www.securityfocus.com/bid/100855	vdb-entry, x_refsource_BID
	http://www.debian.org/security/2017/dsa-3981	vendor-advisory, x_refsource_DEBIAN
	https://usn.ubuntu.com/3583-1/	vendor-advisory, x_refsource_UBUNTU
	http://seclists.org/oss-sec/2017/q3/437	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=1491046	x_refsource_CONFIRM
	https://marc.info/?t=150525503100001&r=1&w=2	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	kernel since v3.1-rc1 through v4.13	Version: kernel since v3.1-rc1 through v4.13

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T18:28:16.646Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211.git/commit/?id=e785fa0a164aa11001cba931367c7f94ffaff888",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.novell.com/show_bug.cgi?id=1058410",
               },
               {
                  name: "USN-3583-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3583-2/",
               },
               {
                  name: "100855",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/100855",
               },
               {
                  name: "DSA-3981",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3981",
               },
               {
                  name: "USN-3583-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3583-1/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://seclists.org/oss-sec/2017/q3/437",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1491046",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://marc.info/?t=150525503100001&r=1&w=2",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "kernel since v3.1-rc1 through v4.13",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "kernel since v3.1-rc1 through v4.13",
                  },
               ],
            },
         ],
         datePublic: "2017-09-21T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-476",
                     description: "CWE-476",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-03-15T09:57:02",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://git.kernel.org/pub/scm/linux/kernel/git/jberg/mac80211.git/commit/?id=e785fa0a164aa11001cba931367c7f94ffaff888",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.novell.com/show_bug.cgi?id=1058410",
            },
            {
               name: "USN-3583-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3583-2/",
            },
            {
               name: "100855",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/100855",
            },
            {
               name: "DSA-3981",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3981",
            },
            {
               name: "USN-3583-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3583-1/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://seclists.org/oss-sec/2017/q3/437",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1491046",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://marc.info/?t=150525503100001&r=1&w=2",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2017-12153",
      datePublished: "2017-09-21T15:00:00",
      dateReserved: "2017-08-01T00:00:00",
      dateUpdated: "2024-08-05T18:28:16.646Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-15649

Vulnerability from cvelistv5

Published

2017-10-19 22:00

Modified

2024-08-05 19:57

Severity ?

Summary

net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346.

References

▼	URL	Tags
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=008ba2a13f2d04c947adc536d19debb8fe66f110	x_refsource_MISC
	https://blogs.securiteam.com/index.php/archives/3484	x_refsource_MISC
	http://www.securityfocus.com/bid/101573	vdb-entry, x_refsource_BID
	https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html	mailing-list, x_refsource_MLIST
	https://access.redhat.com/errata/RHSA-2018:0181	vendor-advisory, x_refsource_REDHAT
	http://patchwork.ozlabs.org/patch/813945/	x_refsource_MISC
	https://usn.ubuntu.com/3754-1/	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2018:0152	vendor-advisory, x_refsource_REDHAT
	http://patchwork.ozlabs.org/patch/818726/	x_refsource_MISC
	https://access.redhat.com/errata/RHSA-2018:0151	vendor-advisory, x_refsource_REDHAT
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4971613c1639d8e5f102c4e797c3bf8f83a5a69e	x_refsource_MISC
	https://github.com/torvalds/linux/commit/4971613c1639d8e5f102c4e797c3bf8f83a5a69e	x_refsource_MISC
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.6	x_refsource_MISC
	https://github.com/torvalds/linux/commit/008ba2a13f2d04c947adc536d19debb8fe66f110	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T19:57:27.544Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=008ba2a13f2d04c947adc536d19debb8fe66f110",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://blogs.securiteam.com/index.php/archives/3484",
               },
               {
                  name: "101573",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/101573",
               },
               {
                  name: "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html",
               },
               {
                  name: "RHSA-2018:0181",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:0181",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://patchwork.ozlabs.org/patch/813945/",
               },
               {
                  name: "USN-3754-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3754-1/",
               },
               {
                  name: "RHSA-2018:0152",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:0152",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://patchwork.ozlabs.org/patch/818726/",
               },
               {
                  name: "RHSA-2018:0151",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:0151",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4971613c1639d8e5f102c4e797c3bf8f83a5a69e",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/4971613c1639d8e5f102c4e797c3bf8f83a5a69e",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.6",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/008ba2a13f2d04c947adc536d19debb8fe66f110",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-10-19T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-08-24T09:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=008ba2a13f2d04c947adc536d19debb8fe66f110",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://blogs.securiteam.com/index.php/archives/3484",
            },
            {
               name: "101573",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/101573",
            },
            {
               name: "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html",
            },
            {
               name: "RHSA-2018:0181",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:0181",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://patchwork.ozlabs.org/patch/813945/",
            },
            {
               name: "USN-3754-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3754-1/",
            },
            {
               name: "RHSA-2018:0152",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:0152",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://patchwork.ozlabs.org/patch/818726/",
            },
            {
               name: "RHSA-2018:0151",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:0151",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4971613c1639d8e5f102c4e797c3bf8f83a5a69e",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/torvalds/linux/commit/4971613c1639d8e5f102c4e797c3bf8f83a5a69e",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.6",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/torvalds/linux/commit/008ba2a13f2d04c947adc536d19debb8fe66f110",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-15649",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=008ba2a13f2d04c947adc536d19debb8fe66f110",
                     refsource: "MISC",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=008ba2a13f2d04c947adc536d19debb8fe66f110",
                  },
                  {
                     name: "https://blogs.securiteam.com/index.php/archives/3484",
                     refsource: "MISC",
                     url: "https://blogs.securiteam.com/index.php/archives/3484",
                  },
                  {
                     name: "101573",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/101573",
                  },
                  {
                     name: "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html",
                  },
                  {
                     name: "RHSA-2018:0181",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:0181",
                  },
                  {
                     name: "http://patchwork.ozlabs.org/patch/813945/",
                     refsource: "MISC",
                     url: "http://patchwork.ozlabs.org/patch/813945/",
                  },
                  {
                     name: "USN-3754-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/3754-1/",
                  },
                  {
                     name: "RHSA-2018:0152",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:0152",
                  },
                  {
                     name: "http://patchwork.ozlabs.org/patch/818726/",
                     refsource: "MISC",
                     url: "http://patchwork.ozlabs.org/patch/818726/",
                  },
                  {
                     name: "RHSA-2018:0151",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:0151",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4971613c1639d8e5f102c4e797c3bf8f83a5a69e",
                     refsource: "MISC",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4971613c1639d8e5f102c4e797c3bf8f83a5a69e",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/4971613c1639d8e5f102c4e797c3bf8f83a5a69e",
                     refsource: "MISC",
                     url: "https://github.com/torvalds/linux/commit/4971613c1639d8e5f102c4e797c3bf8f83a5a69e",
                  },
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.6",
                     refsource: "MISC",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.6",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/008ba2a13f2d04c947adc536d19debb8fe66f110",
                     refsource: "MISC",
                     url: "https://github.com/torvalds/linux/commit/008ba2a13f2d04c947adc536d19debb8fe66f110",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-15649",
      datePublished: "2017-10-19T22:00:00",
      dateReserved: "2017-10-19T00:00:00",
      dateUpdated: "2024-08-05T19:57:27.544Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-14140

Vulnerability from cvelistv5

Published

2017-09-05 06:00

Modified

2024-08-05 19:20

Severity ?

Summary

The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR.

References

▼	URL	Tags
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.9	x_refsource_CONFIRM
	https://usn.ubuntu.com/3583-2/	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2018:1062	vendor-advisory, x_refsource_REDHAT
	https://source.android.com/security/bulletin/pixel/2018-01-01	x_refsource_CONFIRM
	http://www.debian.org/security/2017/dsa-3981	vendor-advisory, x_refsource_DEBIAN
	https://usn.ubuntu.com/3583-1/	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2018:0676	vendor-advisory, x_refsource_REDHAT
	https://github.com/torvalds/linux/commit/197e7e521384a23b9e585178f3f11c9fa08274b9	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/100876	vdb-entry, x_refsource_BID
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=197e7e521384a23b9e585178f3f11c9fa08274b9	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T19:20:40.695Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.9",
               },
               {
                  name: "USN-3583-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3583-2/",
               },
               {
                  name: "RHSA-2018:1062",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:1062",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/pixel/2018-01-01",
               },
               {
                  name: "DSA-3981",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3981",
               },
               {
                  name: "USN-3583-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3583-1/",
               },
               {
                  name: "RHSA-2018:0676",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:0676",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/197e7e521384a23b9e585178f3f11c9fa08274b9",
               },
               {
                  name: "100876",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/100876",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=197e7e521384a23b9e585178f3f11c9fa08274b9",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-09-05T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-04-11T09:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.9",
            },
            {
               name: "USN-3583-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3583-2/",
            },
            {
               name: "RHSA-2018:1062",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:1062",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/pixel/2018-01-01",
            },
            {
               name: "DSA-3981",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3981",
            },
            {
               name: "USN-3583-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3583-1/",
            },
            {
               name: "RHSA-2018:0676",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:0676",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/197e7e521384a23b9e585178f3f11c9fa08274b9",
            },
            {
               name: "100876",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/100876",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=197e7e521384a23b9e585178f3f11c9fa08274b9",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-14140",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.9",
                     refsource: "CONFIRM",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.9",
                  },
                  {
                     name: "USN-3583-2",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/3583-2/",
                  },
                  {
                     name: "RHSA-2018:1062",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:1062",
                  },
                  {
                     name: "https://source.android.com/security/bulletin/pixel/2018-01-01",
                     refsource: "CONFIRM",
                     url: "https://source.android.com/security/bulletin/pixel/2018-01-01",
                  },
                  {
                     name: "DSA-3981",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3981",
                  },
                  {
                     name: "USN-3583-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/3583-1/",
                  },
                  {
                     name: "RHSA-2018:0676",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:0676",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/197e7e521384a23b9e585178f3f11c9fa08274b9",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/197e7e521384a23b9e585178f3f11c9fa08274b9",
                  },
                  {
                     name: "100876",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/100876",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=197e7e521384a23b9e585178f3f11c9fa08274b9",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=197e7e521384a23b9e585178f3f11c9fa08274b9",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-14140",
      datePublished: "2017-09-05T06:00:00",
      dateReserved: "2017-09-05T00:00:00",
      dateUpdated: "2024-08-05T19:20:40.695Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-10661

Vulnerability from cvelistv5

Published

2017-08-19 18:00

Modified

2024-08-05 17:41

Severity ?

Summary

Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing.

References

▼	URL	Tags
	https://access.redhat.com/errata/RHSA-2018:3083	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/100215	vdb-entry, x_refsource_BID
	https://bugzilla.redhat.com/show_bug.cgi?id=1481136	x_refsource_CONFIRM
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.15	x_refsource_CONFIRM
	http://www.debian.org/security/2017/dsa-3981	vendor-advisory, x_refsource_DEBIAN
	https://source.android.com/security/bulletin/2017-08-01	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/1e38da300e1e395a15048b0af1e5305bd91402f6	x_refsource_CONFIRM
	https://www.exploit-db.com/exploits/43345/	exploit, x_refsource_EXPLOIT-DB
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1e38da300e1e395a15048b0af1e5305bd91402f6	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2018:3096	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:4058	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:4057	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2020:0036	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T17:41:55.518Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2018:3083",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:3083",
               },
               {
                  name: "100215",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/100215",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1481136",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.15",
               },
               {
                  name: "DSA-3981",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3981",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2017-08-01",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/1e38da300e1e395a15048b0af1e5305bd91402f6",
               },
               {
                  name: "43345",
                  tags: [
                     "exploit",
                     "x_refsource_EXPLOIT-DB",
                     "x_transferred",
                  ],
                  url: "https://www.exploit-db.com/exploits/43345/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1e38da300e1e395a15048b0af1e5305bd91402f6",
               },
               {
                  name: "RHSA-2018:3096",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:3096",
               },
               {
                  name: "RHSA-2019:4058",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2019:4058",
               },
               {
                  name: "RHSA-2019:4057",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2019:4057",
               },
               {
                  name: "RHSA-2020:0036",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2020:0036",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-05-08T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-01-07T15:06:04",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "RHSA-2018:3083",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:3083",
            },
            {
               name: "100215",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/100215",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1481136",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.15",
            },
            {
               name: "DSA-3981",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3981",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2017-08-01",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/1e38da300e1e395a15048b0af1e5305bd91402f6",
            },
            {
               name: "43345",
               tags: [
                  "exploit",
                  "x_refsource_EXPLOIT-DB",
               ],
               url: "https://www.exploit-db.com/exploits/43345/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1e38da300e1e395a15048b0af1e5305bd91402f6",
            },
            {
               name: "RHSA-2018:3096",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:3096",
            },
            {
               name: "RHSA-2019:4058",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2019:4058",
            },
            {
               name: "RHSA-2019:4057",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2019:4057",
            },
            {
               name: "RHSA-2020:0036",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2020:0036",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-10661",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "RHSA-2018:3083",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:3083",
                  },
                  {
                     name: "100215",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/100215",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=1481136",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=1481136",
                  },
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.15",
                     refsource: "CONFIRM",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.15",
                  },
                  {
                     name: "DSA-3981",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3981",
                  },
                  {
                     name: "https://source.android.com/security/bulletin/2017-08-01",
                     refsource: "CONFIRM",
                     url: "https://source.android.com/security/bulletin/2017-08-01",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/1e38da300e1e395a15048b0af1e5305bd91402f6",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/1e38da300e1e395a15048b0af1e5305bd91402f6",
                  },
                  {
                     name: "43345",
                     refsource: "EXPLOIT-DB",
                     url: "https://www.exploit-db.com/exploits/43345/",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1e38da300e1e395a15048b0af1e5305bd91402f6",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1e38da300e1e395a15048b0af1e5305bd91402f6",
                  },
                  {
                     name: "RHSA-2018:3096",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:3096",
                  },
                  {
                     name: "RHSA-2019:4058",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2019:4058",
                  },
                  {
                     name: "RHSA-2019:4057",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2019:4057",
                  },
                  {
                     name: "RHSA-2020:0036",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2020:0036",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-10661",
      datePublished: "2017-08-19T18:00:00",
      dateReserved: "2017-06-28T00:00:00",
      dateUpdated: "2024-08-05T17:41:55.518Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-7518

Vulnerability from cvelistv5

Published

2018-07-30 13:00

Modified

2024-08-05 16:04

Severity ?

5.5 (Medium) - CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Summary

A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this.

References

▼	URL	Tags
	https://access.redhat.com/errata/RHSA-2018:0412	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/articles/3290921	x_refsource_CONFIRM
	https://usn.ubuntu.com/3619-2/	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2018:0395	vendor-advisory, x_refsource_REDHAT
	https://usn.ubuntu.com/3754-1/	vendor-advisory, x_refsource_UBUNTU
	http://www.securitytracker.com/id/1038782	vdb-entry, x_refsource_SECTRACK
	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7518	x_refsource_CONFIRM
	http://www.openwall.com/lists/oss-security/2017/06/23/5	mailing-list, x_refsource_MLIST
	https://usn.ubuntu.com/3619-1/	vendor-advisory, x_refsource_UBUNTU
	https://www.debian.org/security/2017/dsa-3981	vendor-advisory, x_refsource_DEBIAN
	https://www.spinics.net/lists/kvm/msg151817.html	mailing-list, x_refsource_MLIST
	http://www.securityfocus.com/bid/99263	vdb-entry, x_refsource_BID

Impacted products

	Vendor	Product	Version
	[UNKNOWN]	Kernel:	Version: 4.12

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T16:04:11.892Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "RHSA-2018:0412",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:0412",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/articles/3290921",
               },
               {
                  name: "USN-3619-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3619-2/",
               },
               {
                  name: "RHSA-2018:0395",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:0395",
               },
               {
                  name: "USN-3754-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3754-1/",
               },
               {
                  name: "1038782",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1038782",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7518",
               },
               {
                  name: "[oss-security] 20170623 CVE-2017-7518 Kernel: KVM: debug exception via syscall emulation",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2017/06/23/5",
               },
               {
                  name: "USN-3619-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3619-1/",
               },
               {
                  name: "DSA-3981",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "https://www.debian.org/security/2017/dsa-3981",
               },
               {
                  name: "[kvm] 20170622 [PATCH] KVM: x86: fix singlestepping over syscall",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://www.spinics.net/lists/kvm/msg151817.html",
               },
               {
                  name: "99263",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/99263",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Kernel:",
               vendor: "[UNKNOWN]",
               versions: [
                  {
                     status: "affected",
                     version: "4.12",
                  },
               ],
            },
         ],
         datePublic: "2017-06-22T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "ADJACENT_NETWORK",
                  availabilityImpact: "LOW",
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "LOW",
                  integrityImpact: "LOW",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-250",
                     description: "CWE-250",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-08-24T09:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "RHSA-2018:0412",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:0412",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://access.redhat.com/articles/3290921",
            },
            {
               name: "USN-3619-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3619-2/",
            },
            {
               name: "RHSA-2018:0395",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:0395",
            },
            {
               name: "USN-3754-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3754-1/",
            },
            {
               name: "1038782",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1038782",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7518",
            },
            {
               name: "[oss-security] 20170623 CVE-2017-7518 Kernel: KVM: debug exception via syscall emulation",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2017/06/23/5",
            },
            {
               name: "USN-3619-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3619-1/",
            },
            {
               name: "DSA-3981",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "https://www.debian.org/security/2017/dsa-3981",
            },
            {
               name: "[kvm] 20170622 [PATCH] KVM: x86: fix singlestepping over syscall",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://www.spinics.net/lists/kvm/msg151817.html",
            },
            {
               name: "99263",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/99263",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "secalert@redhat.com",
               ID: "CVE-2017-7518",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Kernel:",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "4.12",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "[UNKNOWN]",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this.",
                  },
               ],
            },
            impact: {
               cvss: [
                  [
                     {
                        vectorString: "5.5/CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                        version: "3.0",
                     },
                  ],
                  [
                     {
                        vectorString: "5.4/AV:A/AC:M/Au:N/C:P/I:P/A:P",
                        version: "2.0",
                     },
                  ],
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "CWE-250",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "RHSA-2018:0412",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:0412",
                  },
                  {
                     name: "https://access.redhat.com/articles/3290921",
                     refsource: "CONFIRM",
                     url: "https://access.redhat.com/articles/3290921",
                  },
                  {
                     name: "USN-3619-2",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/3619-2/",
                  },
                  {
                     name: "RHSA-2018:0395",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:0395",
                  },
                  {
                     name: "USN-3754-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/3754-1/",
                  },
                  {
                     name: "1038782",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1038782",
                  },
                  {
                     name: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7518",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7518",
                  },
                  {
                     name: "[oss-security] 20170623 CVE-2017-7518 Kernel: KVM: debug exception via syscall emulation",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2017/06/23/5",
                  },
                  {
                     name: "USN-3619-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/3619-1/",
                  },
                  {
                     name: "DSA-3981",
                     refsource: "DEBIAN",
                     url: "https://www.debian.org/security/2017/dsa-3981",
                  },
                  {
                     name: "[kvm] 20170622 [PATCH] KVM: x86: fix singlestepping over syscall",
                     refsource: "MLIST",
                     url: "https://www.spinics.net/lists/kvm/msg151817.html",
                  },
                  {
                     name: "99263",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/99263",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2017-7518",
      datePublished: "2018-07-30T13:00:00",
      dateReserved: "2017-04-05T00:00:00",
      dateUpdated: "2024-08-05T16:04:11.892Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-8924

Vulnerability from cvelistv5

Published

2017-05-12 21:00

Modified

2024-08-05 16:48

Severity ?

Summary

The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow.

References

▼	URL	Tags
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.4	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/654b404f2a222f918af9b0cd18ad469d0c941a8e	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/98451	vdb-entry, x_refsource_BID
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=654b404f2a222f918af9b0cd18ad469d0c941a8e	x_refsource_CONFIRM
	http://www.debian.org/security/2017/dsa-3886	vendor-advisory, x_refsource_DEBIAN

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T16:48:22.931Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.4",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/654b404f2a222f918af9b0cd18ad469d0c941a8e",
               },
               {
                  name: "98451",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/98451",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=654b404f2a222f918af9b0cd18ad469d0c941a8e",
               },
               {
                  name: "DSA-3886",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3886",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-05-12T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-11-03T18:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.4",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/654b404f2a222f918af9b0cd18ad469d0c941a8e",
            },
            {
               name: "98451",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/98451",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=654b404f2a222f918af9b0cd18ad469d0c941a8e",
            },
            {
               name: "DSA-3886",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3886",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-8924",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.4",
                     refsource: "CONFIRM",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.4",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/654b404f2a222f918af9b0cd18ad469d0c941a8e",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/654b404f2a222f918af9b0cd18ad469d0c941a8e",
                  },
                  {
                     name: "98451",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/98451",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=654b404f2a222f918af9b0cd18ad469d0c941a8e",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=654b404f2a222f918af9b0cd18ad469d0c941a8e",
                  },
                  {
                     name: "DSA-3886",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3886",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-8924",
      datePublished: "2017-05-12T21:00:00",
      dateReserved: "2017-05-12T00:00:00",
      dateUpdated: "2024-08-05T16:48:22.931Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-15265

Vulnerability from cvelistv5

Published

2017-10-16 18:00

Modified

2024-08-05 19:50

Severity ?

Summary

Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c.

References

▼	URL	Tags
	http://www.openwall.com/lists/oss-security/2017/10/11/3	mailing-list, x_refsource_MLIST
	http://www.securityfocus.com/bid/101288	vdb-entry, x_refsource_BID
	https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html	mailing-list, x_refsource_MLIST
	https://access.redhat.com/errata/RHSA-2018:2390	vendor-advisory, x_refsource_REDHAT
	http://www.securitytracker.com/id/1039561	vdb-entry, x_refsource_SECTRACK
	https://access.redhat.com/errata/RHSA-2018:1062	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:3823	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:0676	vendor-advisory, x_refsource_REDHAT
	http://mailman.alsa-project.org/pipermail/alsa-devel/2017-October/126292.html	mailing-list, x_refsource_MLIST
	https://access.redhat.com/errata/RHSA-2018:1170	vendor-advisory, x_refsource_REDHAT
	https://usn.ubuntu.com/3698-1/	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2018:1130	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:3822	vendor-advisory, x_refsource_REDHAT
	https://usn.ubuntu.com/3698-2/	vendor-advisory, x_refsource_UBUNTU
	https://www.oracle.com/security-alerts/cpujul2020.html	x_refsource_MISC
	https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html	x_refsource_MISC
	https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0	x_refsource_CONFIRM
	https://github.com/torvalds/linux/commit/71105998845fb012937332fe2e806d443c09e026	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=71105998845fb012937332fe2e806d443c09e026	x_refsource_CONFIRM
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.8	x_refsource_CONFIRM
	https://bugzilla.suse.com/show_bug.cgi?id=1062520	x_refsource_CONFIRM
	https://source.android.com/security/bulletin/2018-02-01	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T19:50:16.603Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "[oss-security] 20171011 Linux kernel: alsa: use-after-free in /dev/snd/seq CVE-2017-15265",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2017/10/11/3",
               },
               {
                  name: "101288",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/101288",
               },
               {
                  name: "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html",
               },
               {
                  name: "RHSA-2018:2390",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:2390",
               },
               {
                  name: "1039561",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1039561",
               },
               {
                  name: "RHSA-2018:1062",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:1062",
               },
               {
                  name: "RHSA-2018:3823",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:3823",
               },
               {
                  name: "RHSA-2018:0676",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:0676",
               },
               {
                  name: "[alsa-devel] 20171011 [PATCH] ALSA: seq: Fix use-after-free at creating a port",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://mailman.alsa-project.org/pipermail/alsa-devel/2017-October/126292.html",
               },
               {
                  name: "RHSA-2018:1170",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:1170",
               },
               {
                  name: "USN-3698-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3698-1/",
               },
               {
                  name: "RHSA-2018:1130",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:1130",
               },
               {
                  name: "RHSA-2018:3822",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:3822",
               },
               {
                  name: "USN-3698-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3698-2/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpujul2020.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/71105998845fb012937332fe2e806d443c09e026",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=71105998845fb012937332fe2e806d443c09e026",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.8",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.suse.com/show_bug.cgi?id=1062520",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2018-02-01",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-10-11T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-07-15T02:22:55",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "[oss-security] 20171011 Linux kernel: alsa: use-after-free in /dev/snd/seq CVE-2017-15265",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2017/10/11/3",
            },
            {
               name: "101288",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/101288",
            },
            {
               name: "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html",
            },
            {
               name: "RHSA-2018:2390",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:2390",
            },
            {
               name: "1039561",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1039561",
            },
            {
               name: "RHSA-2018:1062",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:1062",
            },
            {
               name: "RHSA-2018:3823",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:3823",
            },
            {
               name: "RHSA-2018:0676",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:0676",
            },
            {
               name: "[alsa-devel] 20171011 [PATCH] ALSA: seq: Fix use-after-free at creating a port",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://mailman.alsa-project.org/pipermail/alsa-devel/2017-October/126292.html",
            },
            {
               name: "RHSA-2018:1170",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:1170",
            },
            {
               name: "USN-3698-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3698-1/",
            },
            {
               name: "RHSA-2018:1130",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:1130",
            },
            {
               name: "RHSA-2018:3822",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:3822",
            },
            {
               name: "USN-3698-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3698-2/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpujul2020.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/71105998845fb012937332fe2e806d443c09e026",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=71105998845fb012937332fe2e806d443c09e026",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.8",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.suse.com/show_bug.cgi?id=1062520",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2018-02-01",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-15265",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "[oss-security] 20171011 Linux kernel: alsa: use-after-free in /dev/snd/seq CVE-2017-15265",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2017/10/11/3",
                  },
                  {
                     name: "101288",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/101288",
                  },
                  {
                     name: "[debian-lts-announce] 20171210 [SECURITY] [DLA 1200-1] linux security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2017/12/msg00004.html",
                  },
                  {
                     name: "RHSA-2018:2390",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:2390",
                  },
                  {
                     name: "1039561",
                     refsource: "SECTRACK",
                     url: "http://www.securitytracker.com/id/1039561",
                  },
                  {
                     name: "RHSA-2018:1062",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:1062",
                  },
                  {
                     name: "RHSA-2018:3823",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:3823",
                  },
                  {
                     name: "RHSA-2018:0676",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:0676",
                  },
                  {
                     name: "[alsa-devel] 20171011 [PATCH] ALSA: seq: Fix use-after-free at creating a port",
                     refsource: "MLIST",
                     url: "http://mailman.alsa-project.org/pipermail/alsa-devel/2017-October/126292.html",
                  },
                  {
                     name: "RHSA-2018:1170",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:1170",
                  },
                  {
                     name: "USN-3698-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/3698-1/",
                  },
                  {
                     name: "RHSA-2018:1130",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:1130",
                  },
                  {
                     name: "RHSA-2018:3822",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:3822",
                  },
                  {
                     name: "USN-3698-2",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/3698-2/",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpujul2020.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpujul2020.html",
                  },
                  {
                     name: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
                  },
                  {
                     name: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
                     refsource: "CONFIRM",
                     url: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/71105998845fb012937332fe2e806d443c09e026",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/71105998845fb012937332fe2e806d443c09e026",
                  },
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=71105998845fb012937332fe2e806d443c09e026",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=71105998845fb012937332fe2e806d443c09e026",
                  },
                  {
                     name: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.8",
                     refsource: "CONFIRM",
                     url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.8",
                  },
                  {
                     name: "https://bugzilla.suse.com/show_bug.cgi?id=1062520",
                     refsource: "CONFIRM",
                     url: "https://bugzilla.suse.com/show_bug.cgi?id=1062520",
                  },
                  {
                     name: "https://source.android.com/security/bulletin/2018-02-01",
                     refsource: "CONFIRM",
                     url: "https://source.android.com/security/bulletin/2018-02-01",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-15265",
      datePublished: "2017-10-16T18:00:00",
      dateReserved: "2017-10-11T00:00:00",
      dateUpdated: "2024-08-05T19:50:16.603Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-7541

Vulnerability from cvelistv5

Published

2017-07-25 04:00

Modified

2024-08-05 16:04

Severity ?

Summary

The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet.

References

▼	URL	Tags
	http://www.debian.org/security/2017/dsa-3927	vendor-advisory, x_refsource_DEBIAN
	https://github.com/torvalds/linux/commit/8f44c9a41386729fea410e688959ddaa9d51be7c	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/99955	vdb-entry, x_refsource_BID
	https://access.redhat.com/errata/RHSA-2017:2918	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:2931	vendor-advisory, x_refsource_REDHAT
	https://source.android.com/security/bulletin/2017-11-01	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=1473198	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2863	vendor-advisory, x_refsource_REDHAT
	http://www.securitytracker.com/id/1038981	vdb-entry, x_refsource_SECTRACK
	https://bugzilla.novell.com/show_bug.cgi?id=1049645	x_refsource_CONFIRM
	http://www.debian.org/security/2017/dsa-3945	vendor-advisory, x_refsource_DEBIAN
	https://www.spinics.net/lists/stable/msg180994.html	x_refsource_CONFIRM
	http://openwall.com/lists/oss-security/2017/07/24/2	x_refsource_CONFIRM
	http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.3	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8f44c9a41386729fea410e688959ddaa9d51be7c	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2930	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	Linux kernel before 4.12.3	Version: Linux kernel before 4.12.3

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T16:04:11.990Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "DSA-3927",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3927",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/8f44c9a41386729fea410e688959ddaa9d51be7c",
               },
               {
                  name: "99955",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/99955",
               },
               {
                  name: "RHSA-2017:2918",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2918",
               },
               {
                  name: "RHSA-2017:2931",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2931",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2017-11-01",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1473198",
               },
               {
                  name: "RHSA-2017:2863",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2863",
               },
               {
                  name: "1038981",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1038981",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.novell.com/show_bug.cgi?id=1049645",
               },
               {
                  name: "DSA-3945",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3945",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://www.spinics.net/lists/stable/msg180994.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://openwall.com/lists/oss-security/2017/07/24/2",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.3",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8f44c9a41386729fea410e688959ddaa9d51be7c",
               },
               {
                  name: "RHSA-2017:2930",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2930",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Linux kernel before 4.12.3",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "Linux kernel before 4.12.3",
                  },
               ],
            },
         ],
         datePublic: "2017-07-24T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "memory corruption",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-12-07T10:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "DSA-3927",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3927",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/8f44c9a41386729fea410e688959ddaa9d51be7c",
            },
            {
               name: "99955",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/99955",
            },
            {
               name: "RHSA-2017:2918",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2918",
            },
            {
               name: "RHSA-2017:2931",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2931",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2017-11-01",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1473198",
            },
            {
               name: "RHSA-2017:2863",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2863",
            },
            {
               name: "1038981",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1038981",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.novell.com/show_bug.cgi?id=1049645",
            },
            {
               name: "DSA-3945",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3945",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://www.spinics.net/lists/stable/msg180994.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://openwall.com/lists/oss-security/2017/07/24/2",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.3",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8f44c9a41386729fea410e688959ddaa9d51be7c",
            },
            {
               name: "RHSA-2017:2930",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2930",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2017-7541",
      datePublished: "2017-07-25T04:00:00",
      dateReserved: "2017-04-05T00:00:00",
      dateUpdated: "2024-08-05T16:04:11.990Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-7542

Vulnerability from cvelistv5

Published

2017-07-21 16:00

Modified

2024-08-05 16:04

Severity ?

Summary

The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.

References

▼	URL	Tags
	http://www.debian.org/security/2017/dsa-3927	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/errata/RHSA-2018:0169	vendor-advisory, x_refsource_REDHAT
	https://usn.ubuntu.com/3583-2/	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2017:2918	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2017:2931	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/99953	vdb-entry, x_refsource_BID
	https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0	x_refsource_CONFIRM
	https://usn.ubuntu.com/3583-1/	vendor-advisory, x_refsource_UBUNTU
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6399f1fae4ec29fab5ec76070435555e256ca3a6	x_refsource_CONFIRM
	http://www.debian.org/security/2017/dsa-3945	vendor-advisory, x_refsource_DEBIAN
	https://github.com/torvalds/linux/commit/6399f1fae4ec29fab5ec76070435555e256ca3a6	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2930	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	Linux kernel versions up to and including 4.12	Version: Linux kernel versions up to and including 4.12

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T16:04:11.869Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "DSA-3927",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3927",
               },
               {
                  name: "RHSA-2018:0169",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:0169",
               },
               {
                  name: "USN-3583-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3583-2/",
               },
               {
                  name: "RHSA-2017:2918",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2918",
               },
               {
                  name: "RHSA-2017:2931",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2931",
               },
               {
                  name: "99953",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/99953",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
               },
               {
                  name: "USN-3583-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3583-1/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6399f1fae4ec29fab5ec76070435555e256ca3a6",
               },
               {
                  name: "DSA-3945",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3945",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/6399f1fae4ec29fab5ec76070435555e256ca3a6",
               },
               {
                  name: "RHSA-2017:2930",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2930",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Linux kernel versions up to and including 4.12",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "Linux kernel versions up to and including 4.12",
                  },
               ],
            },
         ],
         datePublic: "2017-07-21T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-190",
                     description: "CWE-190",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-11-30T20:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "DSA-3927",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3927",
            },
            {
               name: "RHSA-2018:0169",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:0169",
            },
            {
               name: "USN-3583-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3583-2/",
            },
            {
               name: "RHSA-2017:2918",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2918",
            },
            {
               name: "RHSA-2017:2931",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2931",
            },
            {
               name: "99953",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/99953",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
            },
            {
               name: "USN-3583-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3583-1/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6399f1fae4ec29fab5ec76070435555e256ca3a6",
            },
            {
               name: "DSA-3945",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3945",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/6399f1fae4ec29fab5ec76070435555e256ca3a6",
            },
            {
               name: "RHSA-2017:2930",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2930",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2017-7542",
      datePublished: "2017-07-21T16:00:00",
      dateReserved: "2017-04-05T00:00:00",
      dateUpdated: "2024-08-05T16:04:11.869Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-12154

Vulnerability from cvelistv5

Published

2017-09-26 05:00

Modified

2024-08-05 18:28

Severity ?

Summary

The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the "CR8-load exiting" and "CR8-store exiting" L0 vmcs02 controls exist in cases where L1 omits the "use TPR shadow" vmcs12 control, which allows KVM L2 guest OS users to obtain read and write access to the hardware CR8 register.

References

▼	URL	Tags
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=51aa68e7d57e3217192d88ce90fd5b8ef29ec94f	x_refsource_CONFIRM
	https://bugzilla.redhat.com/show_bug.cgi?id=1491224	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2018:1062	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/100856	vdb-entry, x_refsource_BID
	http://www.debian.org/security/2017/dsa-3981	vendor-advisory, x_refsource_DEBIAN
	https://www.spinics.net/lists/kvm/msg155414.html	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2018:0676	vendor-advisory, x_refsource_REDHAT
	https://usn.ubuntu.com/3698-1/	vendor-advisory, x_refsource_UBUNTU
	https://github.com/torvalds/linux/commit/51aa68e7d57e3217192d88ce90fd5b8ef29ec94f	x_refsource_CONFIRM
	https://usn.ubuntu.com/3698-2/	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2019:1946	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	Linux kernel through 4.13.3	Version: Linux kernel through 4.13.3

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T18:28:16.642Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=51aa68e7d57e3217192d88ce90fd5b8ef29ec94f",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1491224",
               },
               {
                  name: "RHSA-2018:1062",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:1062",
               },
               {
                  name: "100856",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/100856",
               },
               {
                  name: "DSA-3981",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3981",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://www.spinics.net/lists/kvm/msg155414.html",
               },
               {
                  name: "RHSA-2018:0676",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:0676",
               },
               {
                  name: "USN-3698-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3698-1/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/51aa68e7d57e3217192d88ce90fd5b8ef29ec94f",
               },
               {
                  name: "USN-3698-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3698-2/",
               },
               {
                  name: "RHSA-2019:1946",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2019:1946",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Linux kernel through 4.13.3",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "Linux kernel through 4.13.3",
                  },
               ],
            },
         ],
         datePublic: "2017-09-26T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the \"CR8-load exiting\" and \"CR8-store exiting\" L0 vmcs02 controls exist in cases where L1 omits the \"use TPR shadow\" vmcs12 control, which allows KVM L2 guest OS users to obtain read and write access to the hardware CR8 register.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "incorrect access control",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2019-07-30T12:06:06",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=51aa68e7d57e3217192d88ce90fd5b8ef29ec94f",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1491224",
            },
            {
               name: "RHSA-2018:1062",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:1062",
            },
            {
               name: "100856",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/100856",
            },
            {
               name: "DSA-3981",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3981",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://www.spinics.net/lists/kvm/msg155414.html",
            },
            {
               name: "RHSA-2018:0676",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:0676",
            },
            {
               name: "USN-3698-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3698-1/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/51aa68e7d57e3217192d88ce90fd5b8ef29ec94f",
            },
            {
               name: "USN-3698-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3698-2/",
            },
            {
               name: "RHSA-2019:1946",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2019:1946",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2017-12154",
      datePublished: "2017-09-26T05:00:00",
      dateReserved: "2017-08-01T00:00:00",
      dateUpdated: "2024-08-05T18:28:16.642Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-1000365

Vulnerability from cvelistv5

Published

2017-06-19 16:00

Modified

2024-08-05 22:00

Severity ?

Summary

The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel versions 4.11.5 and earlier. It appears that this feature was introduced in the Linux Kernel version 2.6.23.

References

▼	URL	Tags
	http://www.debian.org/security/2017/dsa-3927	vendor-advisory, x_refsource_DEBIAN
	http://www.securityfocus.com/bid/99156	vdb-entry, x_refsource_BID
	https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt	x_refsource_MISC
	http://www.debian.org/security/2017/dsa-3945	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/security/cve/CVE-2017-1000365	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T22:00:39.881Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "DSA-3927",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3927",
               },
               {
                  name: "99156",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/99156",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt",
               },
               {
                  name: "DSA-3945",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3945",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/CVE-2017-1000365",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-06-19T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel versions 4.11.5 and earlier. It appears that this feature was introduced in the Linux Kernel version 2.6.23.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-11-03T18:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               name: "DSA-3927",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3927",
            },
            {
               name: "99156",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/99156",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt",
            },
            {
               name: "DSA-3945",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3945",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://access.redhat.com/security/cve/CVE-2017-1000365",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-1000365",
               REQUESTER: "qsa@qualys.com",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel versions 4.11.5 and earlier. It appears that this feature was introduced in the Linux Kernel version 2.6.23.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "DSA-3927",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3927",
                  },
                  {
                     name: "99156",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/99156",
                  },
                  {
                     name: "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt",
                     refsource: "MISC",
                     url: "https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt",
                  },
                  {
                     name: "DSA-3945",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3945",
                  },
                  {
                     name: "https://access.redhat.com/security/cve/CVE-2017-1000365",
                     refsource: "CONFIRM",
                     url: "https://access.redhat.com/security/cve/CVE-2017-1000365",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-1000365",
      datePublished: "2017-06-19T16:00:00",
      dateReserved: "2017-06-19T00:00:00",
      dateUpdated: "2024-08-05T22:00:39.881Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-7487

Vulnerability from cvelistv5

Published

2017-05-14 22:00

Modified

2024-08-05 16:04

Severity ?

Summary

The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface.

References

▼	URL	Tags
	http://www.securitytracker.com/id/1039237	vdb-entry, x_refsource_SECTRACK
	https://github.com/torvalds/linux/commit/ee0d8d8482345ff97a75a7d747efc309f13b0d80	x_refsource_CONFIRM
	https://source.android.com/security/bulletin/2017-09-01	x_refsource_CONFIRM
	https://patchwork.ozlabs.org/patch/757549/	x_refsource_CONFIRM
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ee0d8d8482345ff97a75a7d747efc309f13b0d80	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/98439	vdb-entry, x_refsource_BID
	http://www.debian.org/security/2017/dsa-3886	vendor-advisory, x_refsource_DEBIAN
	https://bugzilla.redhat.com/show_bug.cgi?id=1447734	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	Linux kernel through 4.11.1	Version: Linux kernel through 4.11.1

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T16:04:11.583Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "1039237",
                  tags: [
                     "vdb-entry",
                     "x_refsource_SECTRACK",
                     "x_transferred",
                  ],
                  url: "http://www.securitytracker.com/id/1039237",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/ee0d8d8482345ff97a75a7d747efc309f13b0d80",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2017-09-01",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://patchwork.ozlabs.org/patch/757549/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ee0d8d8482345ff97a75a7d747efc309f13b0d80",
               },
               {
                  name: "98439",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/98439",
               },
               {
                  name: "DSA-3886",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3886",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=1447734",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Linux kernel through 4.11.1",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "Linux kernel through 4.11.1",
                  },
               ],
            },
         ],
         datePublic: "2017-05-14T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "mishandles reference counts",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2017-11-03T18:57:01",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "1039237",
               tags: [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
               ],
               url: "http://www.securitytracker.com/id/1039237",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/ee0d8d8482345ff97a75a7d747efc309f13b0d80",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2017-09-01",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://patchwork.ozlabs.org/patch/757549/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ee0d8d8482345ff97a75a7d747efc309f13b0d80",
            },
            {
               name: "98439",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/98439",
            },
            {
               name: "DSA-3886",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3886",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=1447734",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2017-7487",
      datePublished: "2017-05-14T22:00:00",
      dateReserved: "2017-04-05T00:00:00",
      dateUpdated: "2024-08-05T16:04:11.583Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2017-9077

Vulnerability from cvelistv5

Published

2017-05-19 14:00

Modified

2024-08-05 16:55

Severity ?

Summary

The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

References

▼	URL	Tags
	http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=83eaddab4378db256d00d295bda6ca997cd13a52	x_refsource_CONFIRM
	https://patchwork.ozlabs.org/patch/760370/	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/98583	vdb-entry, x_refsource_BID
	https://access.redhat.com/errata/RHSA-2017:2669	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2018:1854	vendor-advisory, x_refsource_REDHAT
	https://github.com/torvalds/linux/commit/83eaddab4378db256d00d295bda6ca997cd13a52	x_refsource_CONFIRM
	https://source.android.com/security/bulletin/2017-11-01	x_refsource_CONFIRM
	https://access.redhat.com/errata/RHSA-2017:2077	vendor-advisory, x_refsource_REDHAT
	http://www.debian.org/security/2017/dsa-3886	vendor-advisory, x_refsource_DEBIAN
	https://access.redhat.com/errata/RHSA-2017:1842	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T16:55:21.888Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=83eaddab4378db256d00d295bda6ca997cd13a52",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://patchwork.ozlabs.org/patch/760370/",
               },
               {
                  name: "98583",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/98583",
               },
               {
                  name: "RHSA-2017:2669",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2669",
               },
               {
                  name: "RHSA-2018:1854",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2018:1854",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/83eaddab4378db256d00d295bda6ca997cd13a52",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2017-11-01",
               },
               {
                  name: "RHSA-2017:2077",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:2077",
               },
               {
                  name: "DSA-3886",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "http://www.debian.org/security/2017/dsa-3886",
               },
               {
                  name: "RHSA-2017:1842",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2017:1842",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "n/a",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "n/a",
                  },
               ],
            },
         ],
         datePublic: "2017-05-19T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2018-06-19T09:57:01",
            orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            shortName: "mitre",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=83eaddab4378db256d00d295bda6ca997cd13a52",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://patchwork.ozlabs.org/patch/760370/",
            },
            {
               name: "98583",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/98583",
            },
            {
               name: "RHSA-2017:2669",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2669",
            },
            {
               name: "RHSA-2018:1854",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2018:1854",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://github.com/torvalds/linux/commit/83eaddab4378db256d00d295bda6ca997cd13a52",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2017-11-01",
            },
            {
               name: "RHSA-2017:2077",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:2077",
            },
            {
               name: "DSA-3886",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "http://www.debian.org/security/2017/dsa-3886",
            },
            {
               name: "RHSA-2017:1842",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2017:1842",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "cve@mitre.org",
               ID: "CVE-2017-9077",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "n/a",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "n/a",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=83eaddab4378db256d00d295bda6ca997cd13a52",
                     refsource: "CONFIRM",
                     url: "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=83eaddab4378db256d00d295bda6ca997cd13a52",
                  },
                  {
                     name: "https://patchwork.ozlabs.org/patch/760370/",
                     refsource: "CONFIRM",
                     url: "https://patchwork.ozlabs.org/patch/760370/",
                  },
                  {
                     name: "98583",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/98583",
                  },
                  {
                     name: "RHSA-2017:2669",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2669",
                  },
                  {
                     name: "RHSA-2018:1854",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2018:1854",
                  },
                  {
                     name: "https://github.com/torvalds/linux/commit/83eaddab4378db256d00d295bda6ca997cd13a52",
                     refsource: "CONFIRM",
                     url: "https://github.com/torvalds/linux/commit/83eaddab4378db256d00d295bda6ca997cd13a52",
                  },
                  {
                     name: "https://source.android.com/security/bulletin/2017-11-01",
                     refsource: "CONFIRM",
                     url: "https://source.android.com/security/bulletin/2017-11-01",
                  },
                  {
                     name: "RHSA-2017:2077",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:2077",
                  },
                  {
                     name: "DSA-3886",
                     refsource: "DEBIAN",
                     url: "http://www.debian.org/security/2017/dsa-3886",
                  },
                  {
                     name: "RHSA-2017:1842",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2017:1842",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
      assignerShortName: "mitre",
      cveId: "CVE-2017-9077",
      datePublished: "2017-05-19T14:00:00",
      dateReserved: "2017-05-19T00:00:00",
      dateUpdated: "2024-08-05T16:55:21.888Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

Vulnerability from csaf_suse

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature