Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2016-4470 (GCVE-0-2016-4470)
Vulnerability from cvelistv5 – Published: 2016-06-27 10:00 – Updated: 2024-08-06 00:32
VLAI
EPSS
Summary
The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
48 references
Date Public
2016-06-15 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:32:25.328Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"name": "SUSE-SU-2016:2010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html"
},
{
"name": "SUSE-SU-2016:2011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html"
},
{
"name": "USN-3054-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3054-1"
},
{
"name": "SUSE-SU-2016:2003",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html"
},
{
"name": "RHSA-2016:1657",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1657.html"
},
{
"name": "SUSE-SU-2016:1994",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"name": "USN-3051-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3051-1"
},
{
"name": "RHSA-2016:2128",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2128.html"
},
{
"name": "SUSE-SU-2016:1961",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html"
},
{
"name": "RHSA-2016:2133",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2133.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"name": "SUSE-SU-2016:2001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html"
},
{
"name": "SUSE-SU-2016:1985",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"
},
{
"name": "USN-3053-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3053-1"
},
{
"name": "openSUSE-SU-2016:2184",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html"
},
{
"name": "SUSE-SU-2016:1998",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00012.html"
},
{
"name": "USN-3055-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3055-1"
},
{
"name": "SUSE-SU-2016:2006",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html"
},
{
"name": "USN-3056-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3056-1"
},
{
"name": "USN-3052-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3052-1"
},
{
"name": "USN-3049-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3049-1"
},
{
"name": "RHSA-2016:1541",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1541.html"
},
{
"name": "SUSE-SU-2016:2014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html"
},
{
"name": "SUSE-SU-2016:2018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html"
},
{
"name": "DSA-3607",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3607"
},
{
"name": "RHSA-2016:1539",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1539.html"
},
{
"name": "1036763",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1036763"
},
{
"name": "RHSA-2016:1532",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1532.html"
},
{
"name": "RHSA-2016:2006",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2006.html"
},
{
"name": "SUSE-SU-2016:2009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=38327424b40bcebe2de92d07312c89360ac9229a"
},
{
"name": "[oss-security] 20160615 CVE-2016-4470: Linux kernel Uninitialized variable in request_key handling user controlled kfree().",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/11"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1341716"
},
{
"name": "USN-3050-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3050-1"
},
{
"name": "SUSE-SU-2016:2005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html"
},
{
"name": "SUSE-SU-2016:2007",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html"
},
{
"name": "SUSE-SU-2016:1999",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00013.html"
},
{
"name": "SUSE-SU-2016:2000",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html"
},
{
"name": "RHSA-2016:2076",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2076.html"
},
{
"name": "USN-3057-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-3057-1"
},
{
"name": "SUSE-SU-2016:1995",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html"
},
{
"name": "RHSA-2016:2074",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2074.html"
},
{
"name": "SUSE-SU-2016:2105",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html"
},
{
"name": "SUSE-SU-2016:2002",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/38327424b40bcebe2de92d07312c89360ac9229a"
},
{
"name": "SUSE-SU-2016:1937",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-06-15T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html"
},
{
"name": "SUSE-SU-2016:2010",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html"
},
{
"name": "SUSE-SU-2016:2011",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html"
},
{
"name": "USN-3054-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3054-1"
},
{
"name": "SUSE-SU-2016:2003",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html"
},
{
"name": "RHSA-2016:1657",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1657.html"
},
{
"name": "SUSE-SU-2016:1994",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
},
{
"name": "USN-3051-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3051-1"
},
{
"name": "RHSA-2016:2128",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2128.html"
},
{
"name": "SUSE-SU-2016:1961",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html"
},
{
"name": "RHSA-2016:2133",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2133.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html"
},
{
"name": "SUSE-SU-2016:2001",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html"
},
{
"name": "SUSE-SU-2016:1985",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"
},
{
"name": "USN-3053-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3053-1"
},
{
"name": "openSUSE-SU-2016:2184",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html"
},
{
"name": "SUSE-SU-2016:1998",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00012.html"
},
{
"name": "USN-3055-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3055-1"
},
{
"name": "SUSE-SU-2016:2006",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html"
},
{
"name": "USN-3056-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3056-1"
},
{
"name": "USN-3052-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3052-1"
},
{
"name": "USN-3049-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3049-1"
},
{
"name": "RHSA-2016:1541",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1541.html"
},
{
"name": "SUSE-SU-2016:2014",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html"
},
{
"name": "SUSE-SU-2016:2018",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html"
},
{
"name": "DSA-3607",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3607"
},
{
"name": "RHSA-2016:1539",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1539.html"
},
{
"name": "1036763",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1036763"
},
{
"name": "RHSA-2016:1532",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-1532.html"
},
{
"name": "RHSA-2016:2006",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2006.html"
},
{
"name": "SUSE-SU-2016:2009",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=38327424b40bcebe2de92d07312c89360ac9229a"
},
{
"name": "[oss-security] 20160615 CVE-2016-4470: Linux kernel Uninitialized variable in request_key handling user controlled kfree().",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/06/15/11"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1341716"
},
{
"name": "USN-3050-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3050-1"
},
{
"name": "SUSE-SU-2016:2005",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html"
},
{
"name": "SUSE-SU-2016:2007",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html"
},
{
"name": "SUSE-SU-2016:1999",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00013.html"
},
{
"name": "SUSE-SU-2016:2000",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html"
},
{
"name": "RHSA-2016:2076",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2076.html"
},
{
"name": "USN-3057-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-3057-1"
},
{
"name": "SUSE-SU-2016:1995",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html"
},
{
"name": "RHSA-2016:2074",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-2074.html"
},
{
"name": "SUSE-SU-2016:2105",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html"
},
{
"name": "SUSE-SU-2016:2002",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/38327424b40bcebe2de92d07312c89360ac9229a"
},
{
"name": "SUSE-SU-2016:1937",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-4470",
"datePublished": "2016-06-27T10:00:00.000Z",
"dateReserved": "2016-05-02T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:32:25.328Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2016-4470",
"date": "2026-05-27",
"epss": "0.00055",
"percentile": "0.17197"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:vm_server:3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C2D62B2C-40E5-41B7-9DAA-029BCD079054\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:vm_server:3.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4BA58099-26F7-4B01-B9FC-275F012FE9C6\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E3CCD459-9E6D-4731-8054-CDF8B58454A9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CC7A498A-A669-4C42-8134-86103C799D13\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"104DA87B-DEE4-4262-AE50-8E6BC43B228B\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.6.3\", \"matchCriteriaId\": \"FC099084-12C9-4396-ABC7-F389CFAD871E\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:12.0:sp1:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2905A9C-3E00-4188-8341-E5C2F62EF405\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"33C068A4-3780-4EAB-A937-6082DF847564\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_for_real_time:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1BA3C94F-5FA1-4805-A3EC-6E27AE9AB10C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C84489B-B08C-4854-8A12-D01B6E45CF79\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"079318CC-8A10-401B-8BC9-8CD28C3F1797\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"51EF4996-72F4-4FA4-814F-F5991E7A8318\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1C8D871B-AEA1-4407-AEE3-47EC782250FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"44B067C7-735E-43C9-9188-7E1522A02491\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"825ECE2D-E232-46E0-A047-074B34DB1E97\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C60FA8B1-1802-4522-A088-22171DCF7A93\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.\"}, {\"lang\": \"es\", \"value\": \"La funci\\u00f3n key_reject_and_link en security/keys/key.c en el kernel de Linux hasta la versi\\u00f3n 4.6.3 no asegura que cierta estructura de datos est\\u00e9 inicializada, lo que permite a usuarios locales provocar una denegaci\\u00f3n de servicio (ca\\u00edda del sistema) a trav\\u00e9s de vectores involucrando un comando keyctl request2 manipulado.\"}]",
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/416.html\"\u003eCWE-416: Use After Free\u003c/a\u003e",
"id": "CVE-2016-4470",
"lastModified": "2024-11-21T02:52:17.290",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 4.9, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.9, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2016-06-27T10:59:08.720",
"references": "[{\"url\": \"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=38327424b40bcebe2de92d07312c89360ac9229a\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00012.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00013.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-1532.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-1539.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-1541.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-1657.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-2006.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-2074.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-2076.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-2128.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-2133.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.debian.org/security/2016/dsa-3607\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2016/06/15/11\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securitytracker.com/id/1036763\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-3049-1\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-3050-1\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-3051-1\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-3052-1\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-3053-1\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-3054-1\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-3055-1\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-3056-1\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-3057-1\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1341716\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://github.com/torvalds/linux/commit/38327424b40bcebe2de92d07312c89360ac9229a\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=38327424b40bcebe2de92d07312c89360ac9229a\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00012.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00013.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-1532.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-1539.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-1541.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-1657.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-2006.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-2074.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-2076.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-2128.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2016-2133.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2016/dsa-3607\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2016/06/15/11\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.securitytracker.com/id/1036763\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-3049-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-3050-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-3051-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-3052-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-3053-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-3054-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-3055-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-3056-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-3057-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1341716\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://github.com/torvalds/linux/commit/38327424b40bcebe2de92d07312c89360ac9229a\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2016-4470\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2016-06-27T10:59:08.720\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n key_reject_and_link en security/keys/key.c en el kernel de Linux hasta la versi\u00f3n 4.6.3 no asegura que cierta estructura de datos est\u00e9 inicializada, lo que permite a usuarios locales provocar una denegaci\u00f3n de servicio (ca\u00edda del sistema) a trav\u00e9s de vectores involucrando un comando keyctl request2 manipulado.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":4.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:vm_server:3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C2D62B2C-40E5-41B7-9DAA-029BCD079054\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:vm_server:3.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BA58099-26F7-4B01-B9FC-275F012FE9C6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:linux:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3CCD459-9E6D-4731-8054-CDF8B58454A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC7A498A-A669-4C42-8134-86103C799D13\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"104DA87B-DEE4-4262-AE50-8E6BC43B228B\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.6.3\",\"matchCriteriaId\":\"FC099084-12C9-4396-ABC7-F389CFAD871E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:novell:suse_linux_enterprise_real_time_extension:12.0:sp1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2905A9C-3E00-4188-8341-E5C2F62EF405\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33C068A4-3780-4EAB-A937-6082DF847564\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_for_real_time:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BA3C94F-5FA1-4805-A3EC-6E27AE9AB10C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C84489B-B08C-4854-8A12-D01B6E45CF79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"079318CC-8A10-401B-8BC9-8CD28C3F1797\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51EF4996-72F4-4FA4-814F-F5991E7A8318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C8D871B-AEA1-4407-AEE3-47EC782250FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44B067C7-735E-43C9-9188-7E1522A02491\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"825ECE2D-E232-46E0-A047-074B34DB1E97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_mrg:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C60FA8B1-1802-4522-A088-22171DCF7A93\"}]}]}],\"references\":[{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=38327424b40bcebe2de92d07312c89360ac9229a\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00012.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00013.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-1532.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-1539.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-1541.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-1657.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2006.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2074.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2076.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2128.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2133.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3607\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/06/15/11\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1036763\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-3049-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-3050-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-3051-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-3052-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-3053-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-3054-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-3055-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-3056-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.ubuntu.com/usn/USN-3057-1\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1341716\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://github.com/torvalds/linux/commit/38327424b40bcebe2de92d07312c89360ac9229a\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=38327424b40bcebe2de92d07312c89360ac9229a\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00012.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00013.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00027.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-1532.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-1539.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-1541.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-1657.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2006.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2074.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2076.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2128.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-2133.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3607\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/06/15/11\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securitytracker.com/id/1036763\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-3049-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-3050-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-3051-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-3052-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-3053-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-3054-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-3055-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-3056-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-3057-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1341716\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://github.com/torvalds/linux/commit/38327424b40bcebe2de92d07312c89360ac9229a\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}],\"evaluatorComment\":\"\u003ca href=\\\"http://cwe.mitre.org/data/definitions/416.html\\\"\u003eCWE-416: Use After Free\u003c/a\u003e\"}}"
}
}
SUSE-SU-2016:2002-1
Vulnerability from csaf_suse - Published: 2016-08-09 11:57 - Updated: 2016-08-09 11:57Summary
Security update for Linux Kernel Live Patch 10 for SLE 12
Severity
Important
Notes
Title of the patch: Security update for Linux Kernel Live Patch 10 for SLE 12
Description of the patch: This update for the Linux Kernel 3.12.51-52_34 fixes several issues.
The following security bugs were fixed:
- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bsc#984764).
- CVE-2016-1583: The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling (bsc#983144).
- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relied on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bsc#980883).
- CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux kernel allowed local users to gain privileges via crafted ASN.1 data (bsc#980856).
- CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel allowed attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c (bsc#979074).
- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in the Linux kernel did not properly maintain a hub-interface data structure, which allowed physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device (bsc#979064).
- CVE-2016-3134: The netfilter subsystem in the Linux kernel did not validate certain offset fields, which allowed local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call (bsc#971793).
- CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel allowed local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls (bsc#973570, bsc#955837).
Patchnames: SUSE-SLE-SAP-12-2016-1190,SUSE-SLE-SERVER-12-2016-1190
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.8 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.7 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.4 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
63 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Linux Kernel Live Patch 10 for SLE 12",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 3.12.51-52_34 fixes several issues.\n\nThe following security bugs were fixed:\n- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bsc#984764).\n- CVE-2016-1583: The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling (bsc#983144).\n- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relied on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bsc#980883).\n- CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux kernel allowed local users to gain privileges via crafted ASN.1 data (bsc#980856).\n- CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel allowed attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c (bsc#979074).\n- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in the Linux kernel did not properly maintain a hub-interface data structure, which allowed physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device (bsc#979064).\n- CVE-2016-3134: The netfilter subsystem in the Linux kernel did not validate certain offset fields, which allowed local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call (bsc#971793).\n- CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel allowed local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls (bsc#973570, bsc#955837).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-SAP-12-2016-1190,SUSE-SLE-SERVER-12-2016-1190",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_2002-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:2002-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162002-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:2002-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-August/002189.html"
},
{
"category": "self",
"summary": "SUSE Bug 955837",
"url": "https://bugzilla.suse.com/955837"
},
{
"category": "self",
"summary": "SUSE Bug 971793",
"url": "https://bugzilla.suse.com/971793"
},
{
"category": "self",
"summary": "SUSE Bug 973570",
"url": "https://bugzilla.suse.com/973570"
},
{
"category": "self",
"summary": "SUSE Bug 979064",
"url": "https://bugzilla.suse.com/979064"
},
{
"category": "self",
"summary": "SUSE Bug 979074",
"url": "https://bugzilla.suse.com/979074"
},
{
"category": "self",
"summary": "SUSE Bug 980856",
"url": "https://bugzilla.suse.com/980856"
},
{
"category": "self",
"summary": "SUSE Bug 980883",
"url": "https://bugzilla.suse.com/980883"
},
{
"category": "self",
"summary": "SUSE Bug 983144",
"url": "https://bugzilla.suse.com/983144"
},
{
"category": "self",
"summary": "SUSE Bug 984764",
"url": "https://bugzilla.suse.com/984764"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-7446 page",
"url": "https://www.suse.com/security/cve/CVE-2013-7446/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8816 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0758 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1583 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2053 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3134 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3134/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4470 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4565 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4565/"
}
],
"title": "Security update for Linux Kernel Live Patch 10 for SLE 12",
"tracking": {
"current_release_date": "2016-08-09T11:57:22Z",
"generator": {
"date": "2016-08-09T11:57:22Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:2002-1",
"initial_release_date": "2016-08-09T11:57:22Z",
"revision_history": [
{
"date": "2016-08-09T11:57:22Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"product": {
"name": "kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"product_id": "kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64",
"product": {
"name": "kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64",
"product_id": "kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64"
},
"product_reference": "kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64"
},
"product_reference": "kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64"
},
"product_reference": "kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64"
},
"product_reference": "kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-7446",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-7446"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-7446",
"url": "https://www.suse.com/security/cve/CVE-2013-7446"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 955654 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/955654"
},
{
"category": "external",
"summary": "SUSE Bug 955837 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/955837"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:57:22Z",
"details": "moderate"
}
],
"title": "CVE-2013-7446"
},
{
"cve": "CVE-2015-8816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8816"
}
],
"notes": [
{
"category": "general",
"text": "The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8816",
"url": "https://www.suse.com/security/cve/CVE-2015-8816"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8816",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 968010 for CVE-2015-8816",
"url": "https://bugzilla.suse.com/968010"
},
{
"category": "external",
"summary": "SUSE Bug 979064 for CVE-2015-8816",
"url": "https://bugzilla.suse.com/979064"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:57:22Z",
"details": "moderate"
}
],
"title": "CVE-2015-8816"
},
{
"cve": "CVE-2016-0758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0758"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0758",
"url": "https://www.suse.com/security/cve/CVE-2016-0758"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1072204 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/1072204"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 979867 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/979867"
},
{
"category": "external",
"summary": "SUSE Bug 980856 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/980856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:57:22Z",
"details": "important"
}
],
"title": "CVE-2016-0758"
},
{
"cve": "CVE-2016-1583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1583"
}
],
"notes": [
{
"category": "general",
"text": "The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1583",
"url": "https://www.suse.com/security/cve/CVE-2016-1583"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-1583",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1052256 for CVE-2016-1583",
"url": "https://bugzilla.suse.com/1052256"
},
{
"category": "external",
"summary": "SUSE Bug 983143 for CVE-2016-1583",
"url": "https://bugzilla.suse.com/983143"
},
{
"category": "external",
"summary": "SUSE Bug 983144 for CVE-2016-1583",
"url": "https://bugzilla.suse.com/983144"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:57:22Z",
"details": "important"
}
],
"title": "CVE-2016-1583"
},
{
"cve": "CVE-2016-2053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2053"
}
],
"notes": [
{
"category": "general",
"text": "The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2053",
"url": "https://www.suse.com/security/cve/CVE-2016-2053"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2053",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 963762 for CVE-2016-2053",
"url": "https://bugzilla.suse.com/963762"
},
{
"category": "external",
"summary": "SUSE Bug 979074 for CVE-2016-2053",
"url": "https://bugzilla.suse.com/979074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:57:22Z",
"details": "moderate"
}
],
"title": "CVE-2016-2053"
},
{
"cve": "CVE-2016-3134",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3134"
}
],
"notes": [
{
"category": "general",
"text": "The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3134",
"url": "https://www.suse.com/security/cve/CVE-2016-3134"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1052256 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/1052256"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 971126 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/971126"
},
{
"category": "external",
"summary": "SUSE Bug 971793 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/971793"
},
{
"category": "external",
"summary": "SUSE Bug 986362 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/986362"
},
{
"category": "external",
"summary": "SUSE Bug 986365 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/986365"
},
{
"category": "external",
"summary": "SUSE Bug 986377 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/986377"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:57:22Z",
"details": "moderate"
}
],
"title": "CVE-2016-3134"
},
{
"cve": "CVE-2016-4470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4470"
}
],
"notes": [
{
"category": "general",
"text": "The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4470",
"url": "https://www.suse.com/security/cve/CVE-2016-4470"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 984755 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/984755"
},
{
"category": "external",
"summary": "SUSE Bug 984764 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/984764"
},
{
"category": "external",
"summary": "SUSE Bug 991651 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/991651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:57:22Z",
"details": "moderate"
}
],
"title": "CVE-2016-4470"
},
{
"cve": "CVE-2016-4565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4565"
}
],
"notes": [
{
"category": "general",
"text": "The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4565",
"url": "https://www.suse.com/security/cve/CVE-2016-4565"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 979548 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/979548"
},
{
"category": "external",
"summary": "SUSE Bug 980363 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/980363"
},
{
"category": "external",
"summary": "SUSE Bug 980883 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/980883"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_34-xen-5-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:57:22Z",
"details": "moderate"
}
],
"title": "CVE-2016-4565"
}
]
}
SUSE-SU-2016:2003-1
Vulnerability from csaf_suse - Published: 2016-08-09 11:25 - Updated: 2016-08-09 11:25Summary
Security update for Linux Kernel Live Patch 5 for SLE 12 SP1
Severity
Important
Notes
Title of the patch: Security update for Linux Kernel Live Patch 5 for SLE 12 SP1
Description of the patch: This update for the Linux Kernel 3.12.59-60_41 fixes the several issues.
These security issues were fixed:
- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bsc#984764).
- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relied on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bsc#980883).
- CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux kernel allowed local users to gain privileges via crafted ASN.1 data (bsc#980856).
- CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel allowed attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c (bsc#979074).
Patchnames: SUSE-SLE-Live-Patching-12-2016-1180
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-default-2-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-xen-2-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-default-2-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-xen-2-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.7 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-default-2-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-xen-2-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-default-2-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-xen-2-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-default-2-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-xen-2-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
37 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Linux Kernel Live Patch 5 for SLE 12 SP1",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 3.12.59-60_41 fixes the several issues.\n\nThese security issues were fixed:\n- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bsc#984764).\n- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relied on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bsc#980883).\n- CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux kernel allowed local users to gain privileges via crafted ASN.1 data (bsc#980856).\n- CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel allowed attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c (bsc#979074).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Live-Patching-12-2016-1180",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_2003-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:2003-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162003-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:2003-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-August/002190.html"
},
{
"category": "self",
"summary": "SUSE Bug 979074",
"url": "https://bugzilla.suse.com/979074"
},
{
"category": "self",
"summary": "SUSE Bug 980856",
"url": "https://bugzilla.suse.com/980856"
},
{
"category": "self",
"summary": "SUSE Bug 980883",
"url": "https://bugzilla.suse.com/980883"
},
{
"category": "self",
"summary": "SUSE Bug 984764",
"url": "https://bugzilla.suse.com/984764"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-7446 page",
"url": "https://www.suse.com/security/cve/CVE-2013-7446/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0758 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2053 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4470 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4565 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4565/"
}
],
"title": "Security update for Linux Kernel Live Patch 5 for SLE 12 SP1",
"tracking": {
"current_release_date": "2016-08-09T11:25:14Z",
"generator": {
"date": "2016-08-09T11:25:14Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:2003-1",
"initial_release_date": "2016-08-09T11:25:14Z",
"revision_history": [
{
"date": "2016-08-09T11:25:14Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-3_12_59-60_41-default-2-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_59-60_41-default-2-2.1.x86_64",
"product_id": "kgraft-patch-3_12_59-60_41-default-2-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_59-60_41-xen-2-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_59-60_41-xen-2-2.1.x86_64",
"product_id": "kgraft-patch-3_12_59-60_41-xen-2-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_59-60_41-default-2-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-default-2-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_59-60_41-default-2-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_59-60_41-xen-2-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-xen-2-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_59-60_41-xen-2-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-7446",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-7446"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-xen-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-7446",
"url": "https://www.suse.com/security/cve/CVE-2013-7446"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 955654 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/955654"
},
{
"category": "external",
"summary": "SUSE Bug 955837 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/955837"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-xen-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-xen-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:25:14Z",
"details": "moderate"
}
],
"title": "CVE-2013-7446"
},
{
"cve": "CVE-2016-0758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0758"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-xen-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0758",
"url": "https://www.suse.com/security/cve/CVE-2016-0758"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1072204 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/1072204"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 979867 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/979867"
},
{
"category": "external",
"summary": "SUSE Bug 980856 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/980856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-xen-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-xen-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:25:14Z",
"details": "important"
}
],
"title": "CVE-2016-0758"
},
{
"cve": "CVE-2016-2053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2053"
}
],
"notes": [
{
"category": "general",
"text": "The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-xen-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2053",
"url": "https://www.suse.com/security/cve/CVE-2016-2053"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2053",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 963762 for CVE-2016-2053",
"url": "https://bugzilla.suse.com/963762"
},
{
"category": "external",
"summary": "SUSE Bug 979074 for CVE-2016-2053",
"url": "https://bugzilla.suse.com/979074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-xen-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-xen-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:25:14Z",
"details": "moderate"
}
],
"title": "CVE-2016-2053"
},
{
"cve": "CVE-2016-4470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4470"
}
],
"notes": [
{
"category": "general",
"text": "The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-xen-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4470",
"url": "https://www.suse.com/security/cve/CVE-2016-4470"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 984755 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/984755"
},
{
"category": "external",
"summary": "SUSE Bug 984764 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/984764"
},
{
"category": "external",
"summary": "SUSE Bug 991651 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/991651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-xen-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-xen-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:25:14Z",
"details": "moderate"
}
],
"title": "CVE-2016-4470"
},
{
"cve": "CVE-2016-4565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4565"
}
],
"notes": [
{
"category": "general",
"text": "The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-xen-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4565",
"url": "https://www.suse.com/security/cve/CVE-2016-4565"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 979548 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/979548"
},
{
"category": "external",
"summary": "SUSE Bug 980363 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/980363"
},
{
"category": "external",
"summary": "SUSE Bug 980883 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/980883"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-xen-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_41-xen-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:25:14Z",
"details": "moderate"
}
],
"title": "CVE-2016-4565"
}
]
}
SUSE-SU-2016:2005-1
Vulnerability from csaf_suse - Published: 2016-08-09 11:24 - Updated: 2016-08-09 11:24Summary
Security update for Linux Kernel Live Patch 8 for SLE 12
Severity
Important
Notes
Title of the patch: Security update for Linux Kernel Live Patch 8 for SLE 12
Description of the patch: This update for the Linux Kernel 3.12.48-52_27 fixes several issues.
The following security bugs were fixed:
- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bsc#984764).
- CVE-2016-1583: The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling (bsc#983144).
- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relied on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bsc#980883).
- CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux kernel allowed local users to gain privileges via crafted ASN.1 data (bsc#980856).
- CVE-2015-8019: The skb_copy_and_csum_datagram_iovec function in net/core/datagram.c in the Linux kernel did not accept a length argument, which allowed local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write system call followed by a recvmsg system call (bsc#979078).
- CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel allowed attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c (bsc#979074).
- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in the Linux kernel did not properly maintain a hub-interface data structure, which allowed physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device (bsc#979064).
- CVE-2016-3134: The netfilter subsystem in the Linux kernel did not validate certain offset fields, which allowed local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call (bsc#971793).
- CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel allowed local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls (bsc#973570, bsc#955837).
Patchnames: SUSE-SLE-SAP-12-2016-1176,SUSE-SLE-SERVER-12-2016-1176
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.8 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.7 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.4 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
70 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Linux Kernel Live Patch 8 for SLE 12",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 3.12.48-52_27 fixes several issues.\n\nThe following security bugs were fixed:\n- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bsc#984764).\n- CVE-2016-1583: The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling (bsc#983144).\n- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relied on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bsc#980883).\n- CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux kernel allowed local users to gain privileges via crafted ASN.1 data (bsc#980856).\n- CVE-2015-8019: The skb_copy_and_csum_datagram_iovec function in net/core/datagram.c in the Linux kernel did not accept a length argument, which allowed local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write system call followed by a recvmsg system call (bsc#979078).\n- CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel allowed attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c (bsc#979074).\n- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in the Linux kernel did not properly maintain a hub-interface data structure, which allowed physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device (bsc#979064).\n- CVE-2016-3134: The netfilter subsystem in the Linux kernel did not validate certain offset fields, which allowed local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call (bsc#971793).\n- CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel allowed local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls (bsc#973570, bsc#955837).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-SAP-12-2016-1176,SUSE-SLE-SERVER-12-2016-1176",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_2005-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:2005-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162005-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:2005-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-August/002191.html"
},
{
"category": "self",
"summary": "SUSE Bug 955837",
"url": "https://bugzilla.suse.com/955837"
},
{
"category": "self",
"summary": "SUSE Bug 971793",
"url": "https://bugzilla.suse.com/971793"
},
{
"category": "self",
"summary": "SUSE Bug 973570",
"url": "https://bugzilla.suse.com/973570"
},
{
"category": "self",
"summary": "SUSE Bug 979064",
"url": "https://bugzilla.suse.com/979064"
},
{
"category": "self",
"summary": "SUSE Bug 979074",
"url": "https://bugzilla.suse.com/979074"
},
{
"category": "self",
"summary": "SUSE Bug 979078",
"url": "https://bugzilla.suse.com/979078"
},
{
"category": "self",
"summary": "SUSE Bug 980856",
"url": "https://bugzilla.suse.com/980856"
},
{
"category": "self",
"summary": "SUSE Bug 980883",
"url": "https://bugzilla.suse.com/980883"
},
{
"category": "self",
"summary": "SUSE Bug 983144",
"url": "https://bugzilla.suse.com/983144"
},
{
"category": "self",
"summary": "SUSE Bug 984764",
"url": "https://bugzilla.suse.com/984764"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-7446 page",
"url": "https://www.suse.com/security/cve/CVE-2013-7446/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8019 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8019/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8816 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0758 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1583 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2053 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3134 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3134/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4470 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4565 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4565/"
}
],
"title": "Security update for Linux Kernel Live Patch 8 for SLE 12",
"tracking": {
"current_release_date": "2016-08-09T11:24:17Z",
"generator": {
"date": "2016-08-09T11:24:17Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:2005-1",
"initial_release_date": "2016-08-09T11:24:17Z",
"revision_history": [
{
"date": "2016-08-09T11:24:17Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"product": {
"name": "kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"product_id": "kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"product": {
"name": "kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"product_id": "kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64"
},
"product_reference": "kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
},
"product_reference": "kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64"
},
"product_reference": "kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
},
"product_reference": "kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-7446",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-7446"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-7446",
"url": "https://www.suse.com/security/cve/CVE-2013-7446"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 955654 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/955654"
},
{
"category": "external",
"summary": "SUSE Bug 955837 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/955837"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:24:17Z",
"details": "moderate"
}
],
"title": "CVE-2013-7446"
},
{
"cve": "CVE-2015-8019",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8019"
}
],
"notes": [
{
"category": "general",
"text": "The skb_copy_and_csum_datagram_iovec function in net/core/datagram.c in the Linux kernel 3.14.54 and 3.18.22 does not accept a length argument, which allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write system call followed by a recvmsg system call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8019",
"url": "https://www.suse.com/security/cve/CVE-2015-8019"
},
{
"category": "external",
"summary": "SUSE Bug 1032268 for CVE-2015-8019",
"url": "https://bugzilla.suse.com/1032268"
},
{
"category": "external",
"summary": "SUSE Bug 951199 for CVE-2015-8019",
"url": "https://bugzilla.suse.com/951199"
},
{
"category": "external",
"summary": "SUSE Bug 952587 for CVE-2015-8019",
"url": "https://bugzilla.suse.com/952587"
},
{
"category": "external",
"summary": "SUSE Bug 979078 for CVE-2015-8019",
"url": "https://bugzilla.suse.com/979078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:24:17Z",
"details": "moderate"
}
],
"title": "CVE-2015-8019"
},
{
"cve": "CVE-2015-8816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8816"
}
],
"notes": [
{
"category": "general",
"text": "The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8816",
"url": "https://www.suse.com/security/cve/CVE-2015-8816"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8816",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 968010 for CVE-2015-8816",
"url": "https://bugzilla.suse.com/968010"
},
{
"category": "external",
"summary": "SUSE Bug 979064 for CVE-2015-8816",
"url": "https://bugzilla.suse.com/979064"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:24:17Z",
"details": "moderate"
}
],
"title": "CVE-2015-8816"
},
{
"cve": "CVE-2016-0758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0758"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0758",
"url": "https://www.suse.com/security/cve/CVE-2016-0758"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1072204 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/1072204"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 979867 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/979867"
},
{
"category": "external",
"summary": "SUSE Bug 980856 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/980856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:24:17Z",
"details": "important"
}
],
"title": "CVE-2016-0758"
},
{
"cve": "CVE-2016-1583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1583"
}
],
"notes": [
{
"category": "general",
"text": "The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1583",
"url": "https://www.suse.com/security/cve/CVE-2016-1583"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-1583",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1052256 for CVE-2016-1583",
"url": "https://bugzilla.suse.com/1052256"
},
{
"category": "external",
"summary": "SUSE Bug 983143 for CVE-2016-1583",
"url": "https://bugzilla.suse.com/983143"
},
{
"category": "external",
"summary": "SUSE Bug 983144 for CVE-2016-1583",
"url": "https://bugzilla.suse.com/983144"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:24:17Z",
"details": "important"
}
],
"title": "CVE-2016-1583"
},
{
"cve": "CVE-2016-2053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2053"
}
],
"notes": [
{
"category": "general",
"text": "The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2053",
"url": "https://www.suse.com/security/cve/CVE-2016-2053"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2053",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 963762 for CVE-2016-2053",
"url": "https://bugzilla.suse.com/963762"
},
{
"category": "external",
"summary": "SUSE Bug 979074 for CVE-2016-2053",
"url": "https://bugzilla.suse.com/979074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:24:17Z",
"details": "moderate"
}
],
"title": "CVE-2016-2053"
},
{
"cve": "CVE-2016-3134",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3134"
}
],
"notes": [
{
"category": "general",
"text": "The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3134",
"url": "https://www.suse.com/security/cve/CVE-2016-3134"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1052256 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/1052256"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 971126 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/971126"
},
{
"category": "external",
"summary": "SUSE Bug 971793 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/971793"
},
{
"category": "external",
"summary": "SUSE Bug 986362 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/986362"
},
{
"category": "external",
"summary": "SUSE Bug 986365 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/986365"
},
{
"category": "external",
"summary": "SUSE Bug 986377 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/986377"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:24:17Z",
"details": "moderate"
}
],
"title": "CVE-2016-3134"
},
{
"cve": "CVE-2016-4470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4470"
}
],
"notes": [
{
"category": "general",
"text": "The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4470",
"url": "https://www.suse.com/security/cve/CVE-2016-4470"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 984755 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/984755"
},
{
"category": "external",
"summary": "SUSE Bug 984764 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/984764"
},
{
"category": "external",
"summary": "SUSE Bug 991651 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/991651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:24:17Z",
"details": "moderate"
}
],
"title": "CVE-2016-4470"
},
{
"cve": "CVE-2016-4565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4565"
}
],
"notes": [
{
"category": "general",
"text": "The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4565",
"url": "https://www.suse.com/security/cve/CVE-2016-4565"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 979548 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/979548"
},
{
"category": "external",
"summary": "SUSE Bug 980363 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/980363"
},
{
"category": "external",
"summary": "SUSE Bug 980883 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/980883"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-default-5-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_48-52_27-xen-5-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:24:17Z",
"details": "moderate"
}
],
"title": "CVE-2016-4565"
}
]
}
SUSE-SU-2016:2006-1
Vulnerability from csaf_suse - Published: 2016-08-09 11:23 - Updated: 2016-08-09 11:23Summary
Security update for Linux Kernel Live Patch 12 for SLE 12
Severity
Important
Notes
Title of the patch: Security update for Linux Kernel Live Patch 12 for SLE 12
Description of the patch: This update for the Linux Kernel 3.12.55-52_42 fixes several issues.
The following security bugs were fixed:
- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bsc#984764).
- CVE-2016-1583: The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling (bsc#983144).
- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relied on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bsc#980883).
- CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux kernel allowed local users to gain privileges via crafted ASN.1 data (bsc#980856).
- CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel allowed attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c (bsc#979074).
- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in the Linux kernel did not properly maintain a hub-interface data structure, which allowed physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device (bsc#979064).
- CVE-2016-3134: The netfilter subsystem in the Linux kernel did not validate certain offset fields, which allowed local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call (bsc#971793).
- CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel allowed local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls (bsc#973570, bsc#955837).
Patchnames: SUSE-SLE-SAP-12-2016-1173,SUSE-SLE-SERVER-12-2016-1173
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.8 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.7 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.4 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
63 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Linux Kernel Live Patch 12 for SLE 12",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 3.12.55-52_42 fixes several issues.\n\nThe following security bugs were fixed:\n- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bsc#984764).\n- CVE-2016-1583: The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling (bsc#983144).\n- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relied on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bsc#980883).\n- CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux kernel allowed local users to gain privileges via crafted ASN.1 data (bsc#980856).\n- CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel allowed attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c (bsc#979074).\n- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in the Linux kernel did not properly maintain a hub-interface data structure, which allowed physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device (bsc#979064).\n- CVE-2016-3134: The netfilter subsystem in the Linux kernel did not validate certain offset fields, which allowed local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call (bsc#971793).\n- CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel allowed local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls (bsc#973570, bsc#955837).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-SAP-12-2016-1173,SUSE-SLE-SERVER-12-2016-1173",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_2006-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:2006-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162006-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:2006-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-August/002192.html"
},
{
"category": "self",
"summary": "SUSE Bug 955837",
"url": "https://bugzilla.suse.com/955837"
},
{
"category": "self",
"summary": "SUSE Bug 971793",
"url": "https://bugzilla.suse.com/971793"
},
{
"category": "self",
"summary": "SUSE Bug 973570",
"url": "https://bugzilla.suse.com/973570"
},
{
"category": "self",
"summary": "SUSE Bug 979064",
"url": "https://bugzilla.suse.com/979064"
},
{
"category": "self",
"summary": "SUSE Bug 979074",
"url": "https://bugzilla.suse.com/979074"
},
{
"category": "self",
"summary": "SUSE Bug 980856",
"url": "https://bugzilla.suse.com/980856"
},
{
"category": "self",
"summary": "SUSE Bug 980883",
"url": "https://bugzilla.suse.com/980883"
},
{
"category": "self",
"summary": "SUSE Bug 983144",
"url": "https://bugzilla.suse.com/983144"
},
{
"category": "self",
"summary": "SUSE Bug 984764",
"url": "https://bugzilla.suse.com/984764"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-7446 page",
"url": "https://www.suse.com/security/cve/CVE-2013-7446/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8816 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0758 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1583 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2053 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3134 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3134/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4470 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4565 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4565/"
}
],
"title": "Security update for Linux Kernel Live Patch 12 for SLE 12",
"tracking": {
"current_release_date": "2016-08-09T11:23:24Z",
"generator": {
"date": "2016-08-09T11:23:24Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:2006-1",
"initial_release_date": "2016-08-09T11:23:24Z",
"revision_history": [
{
"date": "2016-08-09T11:23:24Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"product": {
"name": "kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"product_id": "kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64",
"product": {
"name": "kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64",
"product_id": "kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64"
},
"product_reference": "kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64"
},
"product_reference": "kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64"
},
"product_reference": "kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64"
},
"product_reference": "kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-7446",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-7446"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-7446",
"url": "https://www.suse.com/security/cve/CVE-2013-7446"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 955654 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/955654"
},
{
"category": "external",
"summary": "SUSE Bug 955837 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/955837"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:23:24Z",
"details": "moderate"
}
],
"title": "CVE-2013-7446"
},
{
"cve": "CVE-2015-8816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8816"
}
],
"notes": [
{
"category": "general",
"text": "The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8816",
"url": "https://www.suse.com/security/cve/CVE-2015-8816"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8816",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 968010 for CVE-2015-8816",
"url": "https://bugzilla.suse.com/968010"
},
{
"category": "external",
"summary": "SUSE Bug 979064 for CVE-2015-8816",
"url": "https://bugzilla.suse.com/979064"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:23:24Z",
"details": "moderate"
}
],
"title": "CVE-2015-8816"
},
{
"cve": "CVE-2016-0758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0758"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0758",
"url": "https://www.suse.com/security/cve/CVE-2016-0758"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1072204 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/1072204"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 979867 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/979867"
},
{
"category": "external",
"summary": "SUSE Bug 980856 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/980856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:23:24Z",
"details": "important"
}
],
"title": "CVE-2016-0758"
},
{
"cve": "CVE-2016-1583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1583"
}
],
"notes": [
{
"category": "general",
"text": "The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1583",
"url": "https://www.suse.com/security/cve/CVE-2016-1583"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-1583",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1052256 for CVE-2016-1583",
"url": "https://bugzilla.suse.com/1052256"
},
{
"category": "external",
"summary": "SUSE Bug 983143 for CVE-2016-1583",
"url": "https://bugzilla.suse.com/983143"
},
{
"category": "external",
"summary": "SUSE Bug 983144 for CVE-2016-1583",
"url": "https://bugzilla.suse.com/983144"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:23:24Z",
"details": "important"
}
],
"title": "CVE-2016-1583"
},
{
"cve": "CVE-2016-2053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2053"
}
],
"notes": [
{
"category": "general",
"text": "The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2053",
"url": "https://www.suse.com/security/cve/CVE-2016-2053"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2053",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 963762 for CVE-2016-2053",
"url": "https://bugzilla.suse.com/963762"
},
{
"category": "external",
"summary": "SUSE Bug 979074 for CVE-2016-2053",
"url": "https://bugzilla.suse.com/979074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:23:24Z",
"details": "moderate"
}
],
"title": "CVE-2016-2053"
},
{
"cve": "CVE-2016-3134",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3134"
}
],
"notes": [
{
"category": "general",
"text": "The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3134",
"url": "https://www.suse.com/security/cve/CVE-2016-3134"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1052256 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/1052256"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 971126 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/971126"
},
{
"category": "external",
"summary": "SUSE Bug 971793 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/971793"
},
{
"category": "external",
"summary": "SUSE Bug 986362 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/986362"
},
{
"category": "external",
"summary": "SUSE Bug 986365 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/986365"
},
{
"category": "external",
"summary": "SUSE Bug 986377 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/986377"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:23:24Z",
"details": "moderate"
}
],
"title": "CVE-2016-3134"
},
{
"cve": "CVE-2016-4470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4470"
}
],
"notes": [
{
"category": "general",
"text": "The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4470",
"url": "https://www.suse.com/security/cve/CVE-2016-4470"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 984755 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/984755"
},
{
"category": "external",
"summary": "SUSE Bug 984764 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/984764"
},
{
"category": "external",
"summary": "SUSE Bug 991651 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/991651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:23:24Z",
"details": "moderate"
}
],
"title": "CVE-2016-4470"
},
{
"cve": "CVE-2016-4565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4565"
}
],
"notes": [
{
"category": "general",
"text": "The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4565",
"url": "https://www.suse.com/security/cve/CVE-2016-4565"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 979548 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/979548"
},
{
"category": "external",
"summary": "SUSE Bug 980363 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/980363"
},
{
"category": "external",
"summary": "SUSE Bug 980883 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/980883"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-default-2-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_55-52_42-xen-2-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:23:24Z",
"details": "moderate"
}
],
"title": "CVE-2016-4565"
}
]
}
SUSE-SU-2016:2007-1
Vulnerability from csaf_suse - Published: 2016-08-09 11:25 - Updated: 2016-08-09 11:25Summary
Security update for Linux Kernel Live Patch 3 for SLE 12 SP1
Severity
Important
Notes
Title of the patch: Security update for Linux Kernel Live Patch 3 for SLE 12 SP1
Description of the patch: This update for the Linux Kernel 3.12.53-60_30 fixes the several issues.
These security issues were fixed:
- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bsc#984764).
- CVE-2016-1583: The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling (bsc#983144).
- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relied on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bsc#980883).
- CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux kernel allowed local users to gain privileges via crafted ASN.1 data (bsc#980856).
- CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel allowed attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c (bsc#979074).
- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in the Linux kernel did not properly maintain a hub-interface data structure, which allowed physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device (bsc#979064).
- CVE-2016-3134: The netfilter subsystem in the Linux kernel did not validate certain offset fields, which allowed local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call (bsc#971793).
This non-security issue was fixed:
- bsc#973570: The fix for CVE-2013-7446 introduced a bug that could have possibly lead to a softlockup.
Patchnames: SUSE-SLE-Live-Patching-12-2016-1181
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.8 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.1 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.7 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.4 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
62 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Linux Kernel Live Patch 3 for SLE 12 SP1",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 3.12.53-60_30 fixes the several issues.\n\nThese security issues were fixed:\n- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bsc#984764).\n- CVE-2016-1583: The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling (bsc#983144).\n- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relied on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bsc#980883).\n- CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux kernel allowed local users to gain privileges via crafted ASN.1 data (bsc#980856).\n- CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel allowed attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c (bsc#979074).\n- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in the Linux kernel did not properly maintain a hub-interface data structure, which allowed physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device (bsc#979064).\n- CVE-2016-3134: The netfilter subsystem in the Linux kernel did not validate certain offset fields, which allowed local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call (bsc#971793).\n\nThis non-security issue was fixed:\n- bsc#973570: The fix for CVE-2013-7446 introduced a bug that could have possibly lead to a softlockup. \n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Live-Patching-12-2016-1181",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_2007-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:2007-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162007-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:2007-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-August/002193.html"
},
{
"category": "self",
"summary": "SUSE Bug 971793",
"url": "https://bugzilla.suse.com/971793"
},
{
"category": "self",
"summary": "SUSE Bug 973570",
"url": "https://bugzilla.suse.com/973570"
},
{
"category": "self",
"summary": "SUSE Bug 979064",
"url": "https://bugzilla.suse.com/979064"
},
{
"category": "self",
"summary": "SUSE Bug 979074",
"url": "https://bugzilla.suse.com/979074"
},
{
"category": "self",
"summary": "SUSE Bug 980856",
"url": "https://bugzilla.suse.com/980856"
},
{
"category": "self",
"summary": "SUSE Bug 980883",
"url": "https://bugzilla.suse.com/980883"
},
{
"category": "self",
"summary": "SUSE Bug 983144",
"url": "https://bugzilla.suse.com/983144"
},
{
"category": "self",
"summary": "SUSE Bug 984764",
"url": "https://bugzilla.suse.com/984764"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-7446 page",
"url": "https://www.suse.com/security/cve/CVE-2013-7446/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8816 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0758 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1583 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2053 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3134 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3134/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4470 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4565 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4565/"
}
],
"title": "Security update for Linux Kernel Live Patch 3 for SLE 12 SP1",
"tracking": {
"current_release_date": "2016-08-09T11:25:25Z",
"generator": {
"date": "2016-08-09T11:25:25Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:2007-1",
"initial_release_date": "2016-08-09T11:25:25Z",
"revision_history": [
{
"date": "2016-08-09T11:25:25Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64",
"product_id": "kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64",
"product_id": "kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-7446",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-7446"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-7446",
"url": "https://www.suse.com/security/cve/CVE-2013-7446"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 955654 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/955654"
},
{
"category": "external",
"summary": "SUSE Bug 955837 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/955837"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:25:25Z",
"details": "moderate"
}
],
"title": "CVE-2013-7446"
},
{
"cve": "CVE-2015-8816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8816"
}
],
"notes": [
{
"category": "general",
"text": "The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8816",
"url": "https://www.suse.com/security/cve/CVE-2015-8816"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8816",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 968010 for CVE-2015-8816",
"url": "https://bugzilla.suse.com/968010"
},
{
"category": "external",
"summary": "SUSE Bug 979064 for CVE-2015-8816",
"url": "https://bugzilla.suse.com/979064"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:25:25Z",
"details": "moderate"
}
],
"title": "CVE-2015-8816"
},
{
"cve": "CVE-2016-0758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0758"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0758",
"url": "https://www.suse.com/security/cve/CVE-2016-0758"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1072204 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/1072204"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 979867 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/979867"
},
{
"category": "external",
"summary": "SUSE Bug 980856 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/980856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:25:25Z",
"details": "important"
}
],
"title": "CVE-2016-0758"
},
{
"cve": "CVE-2016-1583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1583"
}
],
"notes": [
{
"category": "general",
"text": "The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1583",
"url": "https://www.suse.com/security/cve/CVE-2016-1583"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-1583",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1052256 for CVE-2016-1583",
"url": "https://bugzilla.suse.com/1052256"
},
{
"category": "external",
"summary": "SUSE Bug 983143 for CVE-2016-1583",
"url": "https://bugzilla.suse.com/983143"
},
{
"category": "external",
"summary": "SUSE Bug 983144 for CVE-2016-1583",
"url": "https://bugzilla.suse.com/983144"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:25:25Z",
"details": "important"
}
],
"title": "CVE-2016-1583"
},
{
"cve": "CVE-2016-2053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2053"
}
],
"notes": [
{
"category": "general",
"text": "The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2053",
"url": "https://www.suse.com/security/cve/CVE-2016-2053"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2053",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 963762 for CVE-2016-2053",
"url": "https://bugzilla.suse.com/963762"
},
{
"category": "external",
"summary": "SUSE Bug 979074 for CVE-2016-2053",
"url": "https://bugzilla.suse.com/979074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:25:25Z",
"details": "moderate"
}
],
"title": "CVE-2016-2053"
},
{
"cve": "CVE-2016-3134",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3134"
}
],
"notes": [
{
"category": "general",
"text": "The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3134",
"url": "https://www.suse.com/security/cve/CVE-2016-3134"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1052256 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/1052256"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 971126 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/971126"
},
{
"category": "external",
"summary": "SUSE Bug 971793 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/971793"
},
{
"category": "external",
"summary": "SUSE Bug 986362 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/986362"
},
{
"category": "external",
"summary": "SUSE Bug 986365 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/986365"
},
{
"category": "external",
"summary": "SUSE Bug 986377 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/986377"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:25:25Z",
"details": "moderate"
}
],
"title": "CVE-2016-3134"
},
{
"cve": "CVE-2016-4470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4470"
}
],
"notes": [
{
"category": "general",
"text": "The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4470",
"url": "https://www.suse.com/security/cve/CVE-2016-4470"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 984755 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/984755"
},
{
"category": "external",
"summary": "SUSE Bug 984764 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/984764"
},
{
"category": "external",
"summary": "SUSE Bug 991651 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/991651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:25:25Z",
"details": "moderate"
}
],
"title": "CVE-2016-4470"
},
{
"cve": "CVE-2016-4565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4565"
}
],
"notes": [
{
"category": "general",
"text": "The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4565",
"url": "https://www.suse.com/security/cve/CVE-2016-4565"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 979548 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/979548"
},
{
"category": "external",
"summary": "SUSE Bug 980363 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/980363"
},
{
"category": "external",
"summary": "SUSE Bug 980883 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/980883"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-default-3-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_53-60_30-xen-3-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:25:25Z",
"details": "moderate"
}
],
"title": "CVE-2016-4565"
}
]
}
SUSE-SU-2016:2009-1
Vulnerability from csaf_suse - Published: 2016-08-09 11:25 - Updated: 2016-08-09 11:25Summary
Security update for Linux Kernel Live Patch 2 for SLE 12 SP1
Severity
Important
Notes
Title of the patch: Security update for Linux Kernel Live Patch 2 for SLE 12 SP1
Description of the patch: This update for the Linux Kernel 3.12.51-60_25 fixes the several issues.
These security issues were fixed:
- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bsc#984764).
- CVE-2016-1583: The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling (bsc#983144).
- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relied on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bsc#980883).
- CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux kernel allowed local users to gain privileges via crafted ASN.1 data (bsc#980856).
- CVE-2015-8019: The skb_copy_and_csum_datagram_iovec function in net/core/datagram.c in the Linux kernel did not accept a length argument, which allowed local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write system call followed by a recvmsg system call (bsc#979078).
- CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel allowed attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c (bsc#979074).
- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in the Linux kernel did not properly maintain a hub-interface data structure, which allowed physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device (bsc#979064).
- CVE-2016-3134: The netfilter subsystem in the Linux kernel did not validate certain offset fields, which allowed local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call (bsc#971793).
This non-security issue was fixed:
- bsc#973570: The fix for CVE-2013-7446 introduced a bug that could have possibly lead to a softlockup.
Patchnames: SUSE-SLE-Live-Patching-12-2016-1182
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.8 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.1 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.7 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.4 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
69 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Linux Kernel Live Patch 2 for SLE 12 SP1",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 3.12.51-60_25 fixes the several issues.\n\nThese security issues were fixed:\n- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bsc#984764).\n- CVE-2016-1583: The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling (bsc#983144).\n- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relied on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bsc#980883).\n- CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux kernel allowed local users to gain privileges via crafted ASN.1 data (bsc#980856).\n- CVE-2015-8019: The skb_copy_and_csum_datagram_iovec function in net/core/datagram.c in the Linux kernel did not accept a length argument, which allowed local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write system call followed by a recvmsg system call (bsc#979078).\n- CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel allowed attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c (bsc#979074).\n- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in the Linux kernel did not properly maintain a hub-interface data structure, which allowed physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device (bsc#979064).\n- CVE-2016-3134: The netfilter subsystem in the Linux kernel did not validate certain offset fields, which allowed local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call (bsc#971793).\n\nThis non-security issue was fixed:\n- bsc#973570: The fix for CVE-2013-7446 introduced a bug that could have possibly lead to a softlockup. \n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Live-Patching-12-2016-1182",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_2009-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:2009-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162009-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:2009-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-August/002195.html"
},
{
"category": "self",
"summary": "SUSE Bug 971793",
"url": "https://bugzilla.suse.com/971793"
},
{
"category": "self",
"summary": "SUSE Bug 973570",
"url": "https://bugzilla.suse.com/973570"
},
{
"category": "self",
"summary": "SUSE Bug 979064",
"url": "https://bugzilla.suse.com/979064"
},
{
"category": "self",
"summary": "SUSE Bug 979074",
"url": "https://bugzilla.suse.com/979074"
},
{
"category": "self",
"summary": "SUSE Bug 979078",
"url": "https://bugzilla.suse.com/979078"
},
{
"category": "self",
"summary": "SUSE Bug 980856",
"url": "https://bugzilla.suse.com/980856"
},
{
"category": "self",
"summary": "SUSE Bug 980883",
"url": "https://bugzilla.suse.com/980883"
},
{
"category": "self",
"summary": "SUSE Bug 983144",
"url": "https://bugzilla.suse.com/983144"
},
{
"category": "self",
"summary": "SUSE Bug 984764",
"url": "https://bugzilla.suse.com/984764"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-7446 page",
"url": "https://www.suse.com/security/cve/CVE-2013-7446/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8019 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8019/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8816 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0758 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1583 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2053 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3134 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3134/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4470 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4565 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4565/"
}
],
"title": "Security update for Linux Kernel Live Patch 2 for SLE 12 SP1",
"tracking": {
"current_release_date": "2016-08-09T11:25:36Z",
"generator": {
"date": "2016-08-09T11:25:36Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:2009-1",
"initial_release_date": "2016-08-09T11:25:36Z",
"revision_history": [
{
"date": "2016-08-09T11:25:36Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"product_id": "kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64",
"product_id": "kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-7446",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-7446"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-7446",
"url": "https://www.suse.com/security/cve/CVE-2013-7446"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 955654 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/955654"
},
{
"category": "external",
"summary": "SUSE Bug 955837 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/955837"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:25:36Z",
"details": "moderate"
}
],
"title": "CVE-2013-7446"
},
{
"cve": "CVE-2015-8019",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8019"
}
],
"notes": [
{
"category": "general",
"text": "The skb_copy_and_csum_datagram_iovec function in net/core/datagram.c in the Linux kernel 3.14.54 and 3.18.22 does not accept a length argument, which allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a write system call followed by a recvmsg system call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8019",
"url": "https://www.suse.com/security/cve/CVE-2015-8019"
},
{
"category": "external",
"summary": "SUSE Bug 1032268 for CVE-2015-8019",
"url": "https://bugzilla.suse.com/1032268"
},
{
"category": "external",
"summary": "SUSE Bug 951199 for CVE-2015-8019",
"url": "https://bugzilla.suse.com/951199"
},
{
"category": "external",
"summary": "SUSE Bug 952587 for CVE-2015-8019",
"url": "https://bugzilla.suse.com/952587"
},
{
"category": "external",
"summary": "SUSE Bug 979078 for CVE-2015-8019",
"url": "https://bugzilla.suse.com/979078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:25:36Z",
"details": "moderate"
}
],
"title": "CVE-2015-8019"
},
{
"cve": "CVE-2015-8816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8816"
}
],
"notes": [
{
"category": "general",
"text": "The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8816",
"url": "https://www.suse.com/security/cve/CVE-2015-8816"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8816",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 968010 for CVE-2015-8816",
"url": "https://bugzilla.suse.com/968010"
},
{
"category": "external",
"summary": "SUSE Bug 979064 for CVE-2015-8816",
"url": "https://bugzilla.suse.com/979064"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:25:36Z",
"details": "moderate"
}
],
"title": "CVE-2015-8816"
},
{
"cve": "CVE-2016-0758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0758"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0758",
"url": "https://www.suse.com/security/cve/CVE-2016-0758"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1072204 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/1072204"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 979867 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/979867"
},
{
"category": "external",
"summary": "SUSE Bug 980856 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/980856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:25:36Z",
"details": "important"
}
],
"title": "CVE-2016-0758"
},
{
"cve": "CVE-2016-1583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1583"
}
],
"notes": [
{
"category": "general",
"text": "The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1583",
"url": "https://www.suse.com/security/cve/CVE-2016-1583"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-1583",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1052256 for CVE-2016-1583",
"url": "https://bugzilla.suse.com/1052256"
},
{
"category": "external",
"summary": "SUSE Bug 983143 for CVE-2016-1583",
"url": "https://bugzilla.suse.com/983143"
},
{
"category": "external",
"summary": "SUSE Bug 983144 for CVE-2016-1583",
"url": "https://bugzilla.suse.com/983144"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:25:36Z",
"details": "important"
}
],
"title": "CVE-2016-1583"
},
{
"cve": "CVE-2016-2053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2053"
}
],
"notes": [
{
"category": "general",
"text": "The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2053",
"url": "https://www.suse.com/security/cve/CVE-2016-2053"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2053",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 963762 for CVE-2016-2053",
"url": "https://bugzilla.suse.com/963762"
},
{
"category": "external",
"summary": "SUSE Bug 979074 for CVE-2016-2053",
"url": "https://bugzilla.suse.com/979074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:25:36Z",
"details": "moderate"
}
],
"title": "CVE-2016-2053"
},
{
"cve": "CVE-2016-3134",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3134"
}
],
"notes": [
{
"category": "general",
"text": "The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3134",
"url": "https://www.suse.com/security/cve/CVE-2016-3134"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1052256 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/1052256"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 971126 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/971126"
},
{
"category": "external",
"summary": "SUSE Bug 971793 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/971793"
},
{
"category": "external",
"summary": "SUSE Bug 986362 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/986362"
},
{
"category": "external",
"summary": "SUSE Bug 986365 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/986365"
},
{
"category": "external",
"summary": "SUSE Bug 986377 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/986377"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:25:36Z",
"details": "moderate"
}
],
"title": "CVE-2016-3134"
},
{
"cve": "CVE-2016-4470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4470"
}
],
"notes": [
{
"category": "general",
"text": "The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4470",
"url": "https://www.suse.com/security/cve/CVE-2016-4470"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 984755 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/984755"
},
{
"category": "external",
"summary": "SUSE Bug 984764 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/984764"
},
{
"category": "external",
"summary": "SUSE Bug 991651 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/991651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:25:36Z",
"details": "moderate"
}
],
"title": "CVE-2016-4470"
},
{
"cve": "CVE-2016-4565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4565"
}
],
"notes": [
{
"category": "general",
"text": "The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4565",
"url": "https://www.suse.com/security/cve/CVE-2016-4565"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 979548 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/979548"
},
{
"category": "external",
"summary": "SUSE Bug 980363 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/980363"
},
{
"category": "external",
"summary": "SUSE Bug 980883 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/980883"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_51-60_25-xen-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:25:36Z",
"details": "moderate"
}
],
"title": "CVE-2016-4565"
}
]
}
SUSE-SU-2016:2010-1
Vulnerability from csaf_suse - Published: 2016-08-09 11:23 - Updated: 2016-08-09 11:23Summary
Security update for Linux Kernel Live Patch 11 for SLE 12
Severity
Important
Notes
Title of the patch: Security update for Linux Kernel Live Patch 11 for SLE 12
Description of the patch: This update for the Linux Kernel 3.12.51-52_39 fixes several issues.
The following security bugs were fixed:
- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bsc#984764).
- CVE-2016-1583: The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling (bsc#983144).
- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relied on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bsc#980883).
- CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux kernel allowed local users to gain privileges via crafted ASN.1 data (bsc#980856).
- CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel allowed attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c (bsc#979074).
- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in the Linux kernel did not properly maintain a hub-interface data structure, which allowed physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device (bsc#979064).
- CVE-2016-3134: The netfilter subsystem in the Linux kernel did not validate certain offset fields, which allowed local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call (bsc#971793).
- CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel allowed local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls (bsc#973570, bsc#955837).
Patchnames: SUSE-SLE-SAP-12-2016-1174,SUSE-SLE-SERVER-12-2016-1174
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.8 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.7 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.4 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
63 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Linux Kernel Live Patch 11 for SLE 12",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 3.12.51-52_39 fixes several issues.\n\nThe following security bugs were fixed:\n- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bsc#984764).\n- CVE-2016-1583: The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling (bsc#983144).\n- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relied on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bsc#980883).\n- CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux kernel allowed local users to gain privileges via crafted ASN.1 data (bsc#980856).\n- CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel allowed attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c (bsc#979074).\n- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in the Linux kernel did not properly maintain a hub-interface data structure, which allowed physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device (bsc#979064).\n- CVE-2016-3134: The netfilter subsystem in the Linux kernel did not validate certain offset fields, which allowed local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call (bsc#971793).\n- CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel allowed local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls (bsc#973570, bsc#955837).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-SAP-12-2016-1174,SUSE-SLE-SERVER-12-2016-1174",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_2010-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:2010-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162010-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:2010-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-August/002196.html"
},
{
"category": "self",
"summary": "SUSE Bug 955837",
"url": "https://bugzilla.suse.com/955837"
},
{
"category": "self",
"summary": "SUSE Bug 971793",
"url": "https://bugzilla.suse.com/971793"
},
{
"category": "self",
"summary": "SUSE Bug 973570",
"url": "https://bugzilla.suse.com/973570"
},
{
"category": "self",
"summary": "SUSE Bug 979064",
"url": "https://bugzilla.suse.com/979064"
},
{
"category": "self",
"summary": "SUSE Bug 979074",
"url": "https://bugzilla.suse.com/979074"
},
{
"category": "self",
"summary": "SUSE Bug 980856",
"url": "https://bugzilla.suse.com/980856"
},
{
"category": "self",
"summary": "SUSE Bug 980883",
"url": "https://bugzilla.suse.com/980883"
},
{
"category": "self",
"summary": "SUSE Bug 983144",
"url": "https://bugzilla.suse.com/983144"
},
{
"category": "self",
"summary": "SUSE Bug 984764",
"url": "https://bugzilla.suse.com/984764"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-7446 page",
"url": "https://www.suse.com/security/cve/CVE-2013-7446/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8816 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0758 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1583 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2053 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3134 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3134/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4470 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4565 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4565/"
}
],
"title": "Security update for Linux Kernel Live Patch 11 for SLE 12",
"tracking": {
"current_release_date": "2016-08-09T11:23:39Z",
"generator": {
"date": "2016-08-09T11:23:39Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:2010-1",
"initial_release_date": "2016-08-09T11:23:39Z",
"revision_history": [
{
"date": "2016-08-09T11:23:39Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"product": {
"name": "kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"product_id": "kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64",
"product": {
"name": "kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64",
"product_id": "kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64"
},
"product_reference": "kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64"
},
"product_reference": "kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64"
},
"product_reference": "kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64"
},
"product_reference": "kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-7446",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-7446"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-7446",
"url": "https://www.suse.com/security/cve/CVE-2013-7446"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 955654 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/955654"
},
{
"category": "external",
"summary": "SUSE Bug 955837 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/955837"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:23:39Z",
"details": "moderate"
}
],
"title": "CVE-2013-7446"
},
{
"cve": "CVE-2015-8816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8816"
}
],
"notes": [
{
"category": "general",
"text": "The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8816",
"url": "https://www.suse.com/security/cve/CVE-2015-8816"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8816",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 968010 for CVE-2015-8816",
"url": "https://bugzilla.suse.com/968010"
},
{
"category": "external",
"summary": "SUSE Bug 979064 for CVE-2015-8816",
"url": "https://bugzilla.suse.com/979064"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:23:39Z",
"details": "moderate"
}
],
"title": "CVE-2015-8816"
},
{
"cve": "CVE-2016-0758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0758"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0758",
"url": "https://www.suse.com/security/cve/CVE-2016-0758"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1072204 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/1072204"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 979867 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/979867"
},
{
"category": "external",
"summary": "SUSE Bug 980856 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/980856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:23:39Z",
"details": "important"
}
],
"title": "CVE-2016-0758"
},
{
"cve": "CVE-2016-1583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1583"
}
],
"notes": [
{
"category": "general",
"text": "The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1583",
"url": "https://www.suse.com/security/cve/CVE-2016-1583"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-1583",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1052256 for CVE-2016-1583",
"url": "https://bugzilla.suse.com/1052256"
},
{
"category": "external",
"summary": "SUSE Bug 983143 for CVE-2016-1583",
"url": "https://bugzilla.suse.com/983143"
},
{
"category": "external",
"summary": "SUSE Bug 983144 for CVE-2016-1583",
"url": "https://bugzilla.suse.com/983144"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:23:39Z",
"details": "important"
}
],
"title": "CVE-2016-1583"
},
{
"cve": "CVE-2016-2053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2053"
}
],
"notes": [
{
"category": "general",
"text": "The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2053",
"url": "https://www.suse.com/security/cve/CVE-2016-2053"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2053",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 963762 for CVE-2016-2053",
"url": "https://bugzilla.suse.com/963762"
},
{
"category": "external",
"summary": "SUSE Bug 979074 for CVE-2016-2053",
"url": "https://bugzilla.suse.com/979074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:23:39Z",
"details": "moderate"
}
],
"title": "CVE-2016-2053"
},
{
"cve": "CVE-2016-3134",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3134"
}
],
"notes": [
{
"category": "general",
"text": "The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3134",
"url": "https://www.suse.com/security/cve/CVE-2016-3134"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1052256 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/1052256"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 971126 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/971126"
},
{
"category": "external",
"summary": "SUSE Bug 971793 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/971793"
},
{
"category": "external",
"summary": "SUSE Bug 986362 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/986362"
},
{
"category": "external",
"summary": "SUSE Bug 986365 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/986365"
},
{
"category": "external",
"summary": "SUSE Bug 986377 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/986377"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:23:39Z",
"details": "moderate"
}
],
"title": "CVE-2016-3134"
},
{
"cve": "CVE-2016-4470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4470"
}
],
"notes": [
{
"category": "general",
"text": "The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4470",
"url": "https://www.suse.com/security/cve/CVE-2016-4470"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 984755 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/984755"
},
{
"category": "external",
"summary": "SUSE Bug 984764 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/984764"
},
{
"category": "external",
"summary": "SUSE Bug 991651 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/991651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:23:39Z",
"details": "moderate"
}
],
"title": "CVE-2016-4470"
},
{
"cve": "CVE-2016-4565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4565"
}
],
"notes": [
{
"category": "general",
"text": "The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4565",
"url": "https://www.suse.com/security/cve/CVE-2016-4565"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 979548 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/979548"
},
{
"category": "external",
"summary": "SUSE Bug 980363 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/980363"
},
{
"category": "external",
"summary": "SUSE Bug 980883 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/980883"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-default-4-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_51-52_39-xen-4-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:23:39Z",
"details": "moderate"
}
],
"title": "CVE-2016-4565"
}
]
}
SUSE-SU-2016:2011-1
Vulnerability from csaf_suse - Published: 2016-08-09 11:24 - Updated: 2016-08-09 11:24Summary
Security update for Linux Kernel Live Patch 6 for SLE 12 SP1
Severity
Important
Notes
Title of the patch: Security update for Linux Kernel Live Patch 6 for SLE 12 SP1
Description of the patch: This update for the Linux Kernel 3.12.59-60_45 fixes the several issues.
These security issues were fixed:
- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bsc#984764).
- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relied on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bsc#980883).
- CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux kernel allowed local users to gain privileges via crafted ASN.1 data (bsc#980856).
- CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel allowed attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c (bsc#979074).
Patchnames: SUSE-SLE-Live-Patching-12-2016-1178
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-default-2-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-xen-2-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-default-2-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-xen-2-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.7 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-default-2-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-xen-2-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-default-2-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-xen-2-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-default-2-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-xen-2-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
37 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Linux Kernel Live Patch 6 for SLE 12 SP1",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 3.12.59-60_45 fixes the several issues.\n\nThese security issues were fixed:\n- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bsc#984764).\n- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relied on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bsc#980883).\n- CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux kernel allowed local users to gain privileges via crafted ASN.1 data (bsc#980856).\n- CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel allowed attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c (bsc#979074).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Live-Patching-12-2016-1178",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_2011-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:2011-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162011-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:2011-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-August/002197.html"
},
{
"category": "self",
"summary": "SUSE Bug 979074",
"url": "https://bugzilla.suse.com/979074"
},
{
"category": "self",
"summary": "SUSE Bug 980856",
"url": "https://bugzilla.suse.com/980856"
},
{
"category": "self",
"summary": "SUSE Bug 980883",
"url": "https://bugzilla.suse.com/980883"
},
{
"category": "self",
"summary": "SUSE Bug 984764",
"url": "https://bugzilla.suse.com/984764"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-7446 page",
"url": "https://www.suse.com/security/cve/CVE-2013-7446/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0758 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2053 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4470 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4565 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4565/"
}
],
"title": "Security update for Linux Kernel Live Patch 6 for SLE 12 SP1",
"tracking": {
"current_release_date": "2016-08-09T11:24:44Z",
"generator": {
"date": "2016-08-09T11:24:44Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:2011-1",
"initial_release_date": "2016-08-09T11:24:44Z",
"revision_history": [
{
"date": "2016-08-09T11:24:44Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-3_12_59-60_45-default-2-2.2.x86_64",
"product": {
"name": "kgraft-patch-3_12_59-60_45-default-2-2.2.x86_64",
"product_id": "kgraft-patch-3_12_59-60_45-default-2-2.2.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_59-60_45-xen-2-2.2.x86_64",
"product": {
"name": "kgraft-patch-3_12_59-60_45-xen-2-2.2.x86_64",
"product_id": "kgraft-patch-3_12_59-60_45-xen-2-2.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_59-60_45-default-2-2.2.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-default-2-2.2.x86_64"
},
"product_reference": "kgraft-patch-3_12_59-60_45-default-2-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_59-60_45-xen-2-2.2.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-xen-2-2.2.x86_64"
},
"product_reference": "kgraft-patch-3_12_59-60_45-xen-2-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-7446",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-7446"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-default-2-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-xen-2-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-7446",
"url": "https://www.suse.com/security/cve/CVE-2013-7446"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 955654 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/955654"
},
{
"category": "external",
"summary": "SUSE Bug 955837 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/955837"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-default-2-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-xen-2-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-default-2-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-xen-2-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:24:44Z",
"details": "moderate"
}
],
"title": "CVE-2013-7446"
},
{
"cve": "CVE-2016-0758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0758"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-default-2-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-xen-2-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0758",
"url": "https://www.suse.com/security/cve/CVE-2016-0758"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1072204 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/1072204"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 979867 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/979867"
},
{
"category": "external",
"summary": "SUSE Bug 980856 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/980856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-default-2-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-xen-2-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-default-2-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-xen-2-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:24:44Z",
"details": "important"
}
],
"title": "CVE-2016-0758"
},
{
"cve": "CVE-2016-2053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2053"
}
],
"notes": [
{
"category": "general",
"text": "The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-default-2-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-xen-2-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2053",
"url": "https://www.suse.com/security/cve/CVE-2016-2053"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2053",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 963762 for CVE-2016-2053",
"url": "https://bugzilla.suse.com/963762"
},
{
"category": "external",
"summary": "SUSE Bug 979074 for CVE-2016-2053",
"url": "https://bugzilla.suse.com/979074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-default-2-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-xen-2-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-default-2-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-xen-2-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:24:44Z",
"details": "moderate"
}
],
"title": "CVE-2016-2053"
},
{
"cve": "CVE-2016-4470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4470"
}
],
"notes": [
{
"category": "general",
"text": "The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-default-2-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-xen-2-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4470",
"url": "https://www.suse.com/security/cve/CVE-2016-4470"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 984755 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/984755"
},
{
"category": "external",
"summary": "SUSE Bug 984764 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/984764"
},
{
"category": "external",
"summary": "SUSE Bug 991651 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/991651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-default-2-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-xen-2-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-default-2-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-xen-2-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:24:44Z",
"details": "moderate"
}
],
"title": "CVE-2016-4470"
},
{
"cve": "CVE-2016-4565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4565"
}
],
"notes": [
{
"category": "general",
"text": "The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-default-2-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-xen-2-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4565",
"url": "https://www.suse.com/security/cve/CVE-2016-4565"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 979548 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/979548"
},
{
"category": "external",
"summary": "SUSE Bug 980363 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/980363"
},
{
"category": "external",
"summary": "SUSE Bug 980883 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/980883"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-default-2-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-xen-2-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-default-2-2.2.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_59-60_45-xen-2-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:24:44Z",
"details": "moderate"
}
],
"title": "CVE-2016-4565"
}
]
}
SUSE-SU-2016:2014-1
Vulnerability from csaf_suse - Published: 2016-08-09 11:24 - Updated: 2016-08-09 11:24Summary
Security update for Linux Kernel Live Patch 7 for SLE 12
Severity
Important
Notes
Title of the patch: Security update for Linux Kernel Live Patch 7 for SLE 12
Description of the patch: This update for the Linux Kernel 3.12.44-52_18 fixes several issues.
The following security bugs were fixed:
- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bsc#984764).
- CVE-2016-1583: The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling (bsc#983144).
- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relied on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bsc#980883).
- CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux kernel allowed local users to gain privileges via crafted ASN.1 data (bsc#980856).
- CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel allowed attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c (bsc#979074).
- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in the Linux kernel did not properly maintain a hub-interface data structure, which allowed physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device (bsc#979064).
- CVE-2016-3134: The netfilter subsystem in the Linux kernel did not validate certain offset fields, which allowed local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call (bsc#971793).
- CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel allowed local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls (bsc#973570, bsc#955837).
Patchnames: SUSE-SLE-SAP-12-2016-1177,SUSE-SLE-SERVER-12-2016-1177
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.8 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.1 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.7 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.4 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
63 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Linux Kernel Live Patch 7 for SLE 12",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 3.12.44-52_18 fixes several issues.\n\nThe following security bugs were fixed:\n- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bsc#984764).\n- CVE-2016-1583: The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling (bsc#983144).\n- CVE-2016-4565: The InfiniBand (aka IB) stack in the Linux kernel incorrectly relied on the write system call, which allowed local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface (bsc#980883).\n- CVE-2016-0758: Integer overflow in lib/asn1_decoder.c in the Linux kernel allowed local users to gain privileges via crafted ASN.1 data (bsc#980856).\n- CVE-2016-2053: The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel allowed attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c (bsc#979074).\n- CVE-2015-8816: The hub_activate function in drivers/usb/core/hub.c in the Linux kernel did not properly maintain a hub-interface data structure, which allowed physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device (bsc#979064).\n- CVE-2016-3134: The netfilter subsystem in the Linux kernel did not validate certain offset fields, which allowed local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call (bsc#971793).\n- CVE-2013-7446: Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel allowed local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls (bsc#973570, bsc#955837).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-SAP-12-2016-1177,SUSE-SLE-SERVER-12-2016-1177",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_2014-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:2014-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162014-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:2014-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-August/002200.html"
},
{
"category": "self",
"summary": "SUSE Bug 955837",
"url": "https://bugzilla.suse.com/955837"
},
{
"category": "self",
"summary": "SUSE Bug 971793",
"url": "https://bugzilla.suse.com/971793"
},
{
"category": "self",
"summary": "SUSE Bug 973570",
"url": "https://bugzilla.suse.com/973570"
},
{
"category": "self",
"summary": "SUSE Bug 979064",
"url": "https://bugzilla.suse.com/979064"
},
{
"category": "self",
"summary": "SUSE Bug 979074",
"url": "https://bugzilla.suse.com/979074"
},
{
"category": "self",
"summary": "SUSE Bug 980856",
"url": "https://bugzilla.suse.com/980856"
},
{
"category": "self",
"summary": "SUSE Bug 980883",
"url": "https://bugzilla.suse.com/980883"
},
{
"category": "self",
"summary": "SUSE Bug 983144",
"url": "https://bugzilla.suse.com/983144"
},
{
"category": "self",
"summary": "SUSE Bug 984764",
"url": "https://bugzilla.suse.com/984764"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-7446 page",
"url": "https://www.suse.com/security/cve/CVE-2013-7446/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8816 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8816/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-0758 page",
"url": "https://www.suse.com/security/cve/CVE-2016-0758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-1583 page",
"url": "https://www.suse.com/security/cve/CVE-2016-1583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2053 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3134 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3134/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4470 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4565 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4565/"
}
],
"title": "Security update for Linux Kernel Live Patch 7 for SLE 12",
"tracking": {
"current_release_date": "2016-08-09T11:24:33Z",
"generator": {
"date": "2016-08-09T11:24:33Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:2014-1",
"initial_release_date": "2016-08-09T11:24:33Z",
"revision_history": [
{
"date": "2016-08-09T11:24:33Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"product": {
"name": "kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"product_id": "kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64",
"product": {
"name": "kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64",
"product_id": "kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64"
},
"product_reference": "kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64"
},
"product_reference": "kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64"
},
"product_reference": "kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64"
},
"product_reference": "kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2013-7446",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-7446"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-7446",
"url": "https://www.suse.com/security/cve/CVE-2013-7446"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 955654 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/955654"
},
{
"category": "external",
"summary": "SUSE Bug 955837 for CVE-2013-7446",
"url": "https://bugzilla.suse.com/955837"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:24:33Z",
"details": "moderate"
}
],
"title": "CVE-2013-7446"
},
{
"cve": "CVE-2015-8816",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8816"
}
],
"notes": [
{
"category": "general",
"text": "The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8816",
"url": "https://www.suse.com/security/cve/CVE-2015-8816"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2015-8816",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 968010 for CVE-2015-8816",
"url": "https://bugzilla.suse.com/968010"
},
{
"category": "external",
"summary": "SUSE Bug 979064 for CVE-2015-8816",
"url": "https://bugzilla.suse.com/979064"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:24:33Z",
"details": "moderate"
}
],
"title": "CVE-2015-8816"
},
{
"cve": "CVE-2016-0758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-0758"
}
],
"notes": [
{
"category": "general",
"text": "Integer overflow in lib/asn1_decoder.c in the Linux kernel before 4.6 allows local users to gain privileges via crafted ASN.1 data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-0758",
"url": "https://www.suse.com/security/cve/CVE-2016-0758"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1072204 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/1072204"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 979867 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/979867"
},
{
"category": "external",
"summary": "SUSE Bug 980856 for CVE-2016-0758",
"url": "https://bugzilla.suse.com/980856"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:24:33Z",
"details": "important"
}
],
"title": "CVE-2016-0758"
},
{
"cve": "CVE-2016-1583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-1583"
}
],
"notes": [
{
"category": "general",
"text": "The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-1583",
"url": "https://www.suse.com/security/cve/CVE-2016-1583"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-1583",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1052256 for CVE-2016-1583",
"url": "https://bugzilla.suse.com/1052256"
},
{
"category": "external",
"summary": "SUSE Bug 983143 for CVE-2016-1583",
"url": "https://bugzilla.suse.com/983143"
},
{
"category": "external",
"summary": "SUSE Bug 983144 for CVE-2016-1583",
"url": "https://bugzilla.suse.com/983144"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:24:33Z",
"details": "important"
}
],
"title": "CVE-2016-1583"
},
{
"cve": "CVE-2016-2053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2053"
}
],
"notes": [
{
"category": "general",
"text": "The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2053",
"url": "https://www.suse.com/security/cve/CVE-2016-2053"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-2053",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 963762 for CVE-2016-2053",
"url": "https://bugzilla.suse.com/963762"
},
{
"category": "external",
"summary": "SUSE Bug 979074 for CVE-2016-2053",
"url": "https://bugzilla.suse.com/979074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:24:33Z",
"details": "moderate"
}
],
"title": "CVE-2016-2053"
},
{
"cve": "CVE-2016-3134",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3134"
}
],
"notes": [
{
"category": "general",
"text": "The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3134",
"url": "https://www.suse.com/security/cve/CVE-2016-3134"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1052256 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/1052256"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 971126 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/971126"
},
{
"category": "external",
"summary": "SUSE Bug 971793 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/971793"
},
{
"category": "external",
"summary": "SUSE Bug 986362 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/986362"
},
{
"category": "external",
"summary": "SUSE Bug 986365 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/986365"
},
{
"category": "external",
"summary": "SUSE Bug 986377 for CVE-2016-3134",
"url": "https://bugzilla.suse.com/986377"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:24:33Z",
"details": "moderate"
}
],
"title": "CVE-2016-3134"
},
{
"cve": "CVE-2016-4470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4470"
}
],
"notes": [
{
"category": "general",
"text": "The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4470",
"url": "https://www.suse.com/security/cve/CVE-2016-4470"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 984755 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/984755"
},
{
"category": "external",
"summary": "SUSE Bug 984764 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/984764"
},
{
"category": "external",
"summary": "SUSE Bug 991651 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/991651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:24:33Z",
"details": "moderate"
}
],
"title": "CVE-2016-4470"
},
{
"cve": "CVE-2016-4565",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4565"
}
],
"notes": [
{
"category": "general",
"text": "The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4565",
"url": "https://www.suse.com/security/cve/CVE-2016-4565"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 979548 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/979548"
},
{
"category": "external",
"summary": "SUSE Bug 980363 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/980363"
},
{
"category": "external",
"summary": "SUSE Bug 980883 for CVE-2016-4565",
"url": "https://bugzilla.suse.com/980883"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-default-6-2.2.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_44-52_18-xen-6-2.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T11:24:33Z",
"details": "moderate"
}
],
"title": "CVE-2016-4565"
}
]
}
SUSE-SU-2016:2018-1
Vulnerability from csaf_suse - Published: 2016-08-09 15:23 - Updated: 2016-08-09 15:23Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch: The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2016-5829: Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel allowed local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call (bnc#986572).
- CVE-2016-4997: The compat IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement (bnc#986362).
- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bnc#984755).
The following non-security bugs were fixed:
- RDMA/cxgb4: Configure 0B MRs to match HW implementation (bsc#909589).
- RDMA/cxgb4: Do not hang threads forever waiting on WR replies (bsc#909589).
- RDMA/cxgb4: Fix locking issue in process_mpa_request (bsc#909589).
- RDMA/cxgb4: Handle NET_XMIT return codes (bsc#909589).
- RDMA/cxgb4: Increase epd buff size for debug interface (bsc#909589).
- RDMA/cxgb4: Limit MRs to less than 8GB for T4/T5 devices (bsc#909589).
- RDMA/cxgb4: Serialize CQ event upcalls with CQ destruction (bsc#909589).
- RDMA/cxgb4: Wake up waiters after flushing the qp (bsc#909589).
- bridge: superfluous skb->nfct check in br_nf_dev_queue_xmit (bsc#982544).
- iucv: call skb_linearize() when needed (bnc#979915, LTC#141240).
- kabi: prevent spurious modversion changes after bsc#982544 fix (bsc#982544).
- mm/swap.c: flush lru pvecs on compound page arrival (bnc#983721).
- mm: Fix DIF failures on ext3 filesystems (bsc#971030).
- net/qlge: Avoids recursive EEH error (bsc#954847).
- netfilter: bridge: Use __in6_dev_get rather than in6_dev_get in br_validate_ipv6 (bsc#982544).
- netfilter: bridge: do not leak skb in error paths (bsc#982544).
- netfilter: bridge: forward IPv6 fragmented packets (bsc#982544).
- qeth: delete napi struct when removing a qeth device (bnc#979915, LTC#143590).
- s390/mm: fix asce_bits handling with dynamic pagetable levels (bnc#979915, LTC#141456).
- s390/pci: fix use after free in dma_init (bnc#979915, LTC#141626).
- s390: fix test_fp_ctl inline assembly contraints (bnc#979915, LTC#143138).
- sched/cputime: Fix clock_nanosleep()/clock_gettime() inconsistency (bnc#988498).
- sched/cputime: Fix cpu_timer_sample_group() double accounting (bnc#988498).
- sched: Provide update_curr callbacks for stop/idle scheduling classes (bnc#988498).
- x86/mm/pat, /dev/mem: Remove superfluous error message (bsc#974620).
Patchnames: sdksp4-kernel-12685,slessp4-kernel-12685,slexsp3-kernel-12685
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.5 (Medium)
Affected products
Recommended
119 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-80.2.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
119 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-80.2.noarch | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
119 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-80.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-80.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-80.2.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
References
36 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n- CVE-2016-5829: Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel allowed local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call (bnc#986572).\n- CVE-2016-4997: The compat IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement (bnc#986362).\n- CVE-2016-4470: The key_reject_and_link function in security/keys/key.c in the Linux kernel did not ensure that a certain data structure is initialized, which allowed local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command (bnc#984755).\n\nThe following non-security bugs were fixed:\n- RDMA/cxgb4: Configure 0B MRs to match HW implementation (bsc#909589).\n- RDMA/cxgb4: Do not hang threads forever waiting on WR replies (bsc#909589).\n- RDMA/cxgb4: Fix locking issue in process_mpa_request (bsc#909589).\n- RDMA/cxgb4: Handle NET_XMIT return codes (bsc#909589).\n- RDMA/cxgb4: Increase epd buff size for debug interface (bsc#909589).\n- RDMA/cxgb4: Limit MRs to less than 8GB for T4/T5 devices (bsc#909589).\n- RDMA/cxgb4: Serialize CQ event upcalls with CQ destruction (bsc#909589).\n- RDMA/cxgb4: Wake up waiters after flushing the qp (bsc#909589).\n- bridge: superfluous skb-\u003enfct check in br_nf_dev_queue_xmit (bsc#982544).\n- iucv: call skb_linearize() when needed (bnc#979915, LTC#141240).\n- kabi: prevent spurious modversion changes after bsc#982544 fix (bsc#982544).\n- mm/swap.c: flush lru pvecs on compound page arrival (bnc#983721).\n- mm: Fix DIF failures on ext3 filesystems (bsc#971030).\n- net/qlge: Avoids recursive EEH error (bsc#954847).\n- netfilter: bridge: Use __in6_dev_get rather than in6_dev_get in br_validate_ipv6 (bsc#982544).\n- netfilter: bridge: do not leak skb in error paths (bsc#982544).\n- netfilter: bridge: forward IPv6 fragmented packets (bsc#982544).\n- qeth: delete napi struct when removing a qeth device (bnc#979915, LTC#143590).\n- s390/mm: fix asce_bits handling with dynamic pagetable levels (bnc#979915, LTC#141456).\n- s390/pci: fix use after free in dma_init (bnc#979915, LTC#141626).\n- s390: fix test_fp_ctl inline assembly contraints (bnc#979915, LTC#143138).\n- sched/cputime: Fix clock_nanosleep()/clock_gettime() inconsistency (bnc#988498).\n- sched/cputime: Fix cpu_timer_sample_group() double accounting (bnc#988498).\n- sched: Provide update_curr callbacks for stop/idle scheduling classes (bnc#988498).\n- x86/mm/pat, /dev/mem: Remove superfluous error message (bsc#974620).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sdksp4-kernel-12685,slessp4-kernel-12685,slexsp3-kernel-12685",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_2018-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2016:2018-1",
"url": "https://www.suse.com/support/update/announcement/2016/suse-su-20162018-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2016:2018-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2016-August/002201.html"
},
{
"category": "self",
"summary": "SUSE Bug 909589",
"url": "https://bugzilla.suse.com/909589"
},
{
"category": "self",
"summary": "SUSE Bug 954847",
"url": "https://bugzilla.suse.com/954847"
},
{
"category": "self",
"summary": "SUSE Bug 971030",
"url": "https://bugzilla.suse.com/971030"
},
{
"category": "self",
"summary": "SUSE Bug 974620",
"url": "https://bugzilla.suse.com/974620"
},
{
"category": "self",
"summary": "SUSE Bug 979915",
"url": "https://bugzilla.suse.com/979915"
},
{
"category": "self",
"summary": "SUSE Bug 982544",
"url": "https://bugzilla.suse.com/982544"
},
{
"category": "self",
"summary": "SUSE Bug 983721",
"url": "https://bugzilla.suse.com/983721"
},
{
"category": "self",
"summary": "SUSE Bug 984755",
"url": "https://bugzilla.suse.com/984755"
},
{
"category": "self",
"summary": "SUSE Bug 986362",
"url": "https://bugzilla.suse.com/986362"
},
{
"category": "self",
"summary": "SUSE Bug 986572",
"url": "https://bugzilla.suse.com/986572"
},
{
"category": "self",
"summary": "SUSE Bug 988498",
"url": "https://bugzilla.suse.com/988498"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4470 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-4997 page",
"url": "https://www.suse.com/security/cve/CVE-2016-4997/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5829 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5829/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2016-08-09T15:23:23Z",
"generator": {
"date": "2016-08-09T15:23:23Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2016:2018-1",
"initial_release_date": "2016-08-09T15:23:23Z",
"revision_history": [
{
"date": "2016-08-09T15:23:23Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.0.101-80.1.i586",
"product": {
"name": "kernel-default-3.0.101-80.1.i586",
"product_id": "kernel-default-3.0.101-80.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.0.101-80.1.i586",
"product": {
"name": "kernel-default-base-3.0.101-80.1.i586",
"product_id": "kernel-default-base-3.0.101-80.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.0.101-80.1.i586",
"product": {
"name": "kernel-default-devel-3.0.101-80.1.i586",
"product_id": "kernel-default-devel-3.0.101-80.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-3.0.101-80.1.i586",
"product": {
"name": "kernel-ec2-3.0.101-80.1.i586",
"product_id": "kernel-ec2-3.0.101-80.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-base-3.0.101-80.1.i586",
"product": {
"name": "kernel-ec2-base-3.0.101-80.1.i586",
"product_id": "kernel-ec2-base-3.0.101-80.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-devel-3.0.101-80.1.i586",
"product": {
"name": "kernel-ec2-devel-3.0.101-80.1.i586",
"product_id": "kernel-ec2-devel-3.0.101-80.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-3.0.101-80.1.i586",
"product": {
"name": "kernel-pae-3.0.101-80.1.i586",
"product_id": "kernel-pae-3.0.101-80.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-base-3.0.101-80.1.i586",
"product": {
"name": "kernel-pae-base-3.0.101-80.1.i586",
"product_id": "kernel-pae-base-3.0.101-80.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-devel-3.0.101-80.1.i586",
"product": {
"name": "kernel-pae-devel-3.0.101-80.1.i586",
"product_id": "kernel-pae-devel-3.0.101-80.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-source-3.0.101-80.1.i586",
"product": {
"name": "kernel-source-3.0.101-80.1.i586",
"product_id": "kernel-source-3.0.101-80.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.0.101-80.1.i586",
"product": {
"name": "kernel-syms-3.0.101-80.1.i586",
"product_id": "kernel-syms-3.0.101-80.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-3.0.101-80.1.i586",
"product": {
"name": "kernel-trace-3.0.101-80.1.i586",
"product_id": "kernel-trace-3.0.101-80.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-base-3.0.101-80.1.i586",
"product": {
"name": "kernel-trace-base-3.0.101-80.1.i586",
"product_id": "kernel-trace-base-3.0.101-80.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-devel-3.0.101-80.1.i586",
"product": {
"name": "kernel-trace-devel-3.0.101-80.1.i586",
"product_id": "kernel-trace-devel-3.0.101-80.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.0.101-80.1.i586",
"product": {
"name": "kernel-xen-3.0.101-80.1.i586",
"product_id": "kernel-xen-3.0.101-80.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.0.101-80.1.i586",
"product": {
"name": "kernel-xen-base-3.0.101-80.1.i586",
"product_id": "kernel-xen-base-3.0.101-80.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.0.101-80.1.i586",
"product": {
"name": "kernel-xen-devel-3.0.101-80.1.i586",
"product_id": "kernel-xen-devel-3.0.101-80.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.0.101-80.1.ia64",
"product": {
"name": "kernel-default-3.0.101-80.1.ia64",
"product_id": "kernel-default-3.0.101-80.1.ia64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.0.101-80.1.ia64",
"product": {
"name": "kernel-default-base-3.0.101-80.1.ia64",
"product_id": "kernel-default-base-3.0.101-80.1.ia64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.0.101-80.1.ia64",
"product": {
"name": "kernel-default-devel-3.0.101-80.1.ia64",
"product_id": "kernel-default-devel-3.0.101-80.1.ia64"
}
},
{
"category": "product_version",
"name": "kernel-source-3.0.101-80.1.ia64",
"product": {
"name": "kernel-source-3.0.101-80.1.ia64",
"product_id": "kernel-source-3.0.101-80.1.ia64"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.0.101-80.1.ia64",
"product": {
"name": "kernel-syms-3.0.101-80.1.ia64",
"product_id": "kernel-syms-3.0.101-80.1.ia64"
}
},
{
"category": "product_version",
"name": "kernel-trace-3.0.101-80.1.ia64",
"product": {
"name": "kernel-trace-3.0.101-80.1.ia64",
"product_id": "kernel-trace-3.0.101-80.1.ia64"
}
},
{
"category": "product_version",
"name": "kernel-trace-base-3.0.101-80.1.ia64",
"product": {
"name": "kernel-trace-base-3.0.101-80.1.ia64",
"product_id": "kernel-trace-base-3.0.101-80.1.ia64"
}
},
{
"category": "product_version",
"name": "kernel-trace-devel-3.0.101-80.1.ia64",
"product": {
"name": "kernel-trace-devel-3.0.101-80.1.ia64",
"product_id": "kernel-trace-devel-3.0.101-80.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-docs-3.0.101-80.2.noarch",
"product": {
"name": "kernel-docs-3.0.101-80.2.noarch",
"product_id": "kernel-docs-3.0.101-80.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.0.101-80.1.ppc64",
"product": {
"name": "kernel-default-3.0.101-80.1.ppc64",
"product_id": "kernel-default-3.0.101-80.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.0.101-80.1.ppc64",
"product": {
"name": "kernel-default-base-3.0.101-80.1.ppc64",
"product_id": "kernel-default-base-3.0.101-80.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.0.101-80.1.ppc64",
"product": {
"name": "kernel-default-devel-3.0.101-80.1.ppc64",
"product_id": "kernel-default-devel-3.0.101-80.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-ppc64-3.0.101-80.1.ppc64",
"product": {
"name": "kernel-ppc64-3.0.101-80.1.ppc64",
"product_id": "kernel-ppc64-3.0.101-80.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-ppc64-base-3.0.101-80.1.ppc64",
"product": {
"name": "kernel-ppc64-base-3.0.101-80.1.ppc64",
"product_id": "kernel-ppc64-base-3.0.101-80.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-ppc64-devel-3.0.101-80.1.ppc64",
"product": {
"name": "kernel-ppc64-devel-3.0.101-80.1.ppc64",
"product_id": "kernel-ppc64-devel-3.0.101-80.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-source-3.0.101-80.1.ppc64",
"product": {
"name": "kernel-source-3.0.101-80.1.ppc64",
"product_id": "kernel-source-3.0.101-80.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.0.101-80.1.ppc64",
"product": {
"name": "kernel-syms-3.0.101-80.1.ppc64",
"product_id": "kernel-syms-3.0.101-80.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-trace-3.0.101-80.1.ppc64",
"product": {
"name": "kernel-trace-3.0.101-80.1.ppc64",
"product_id": "kernel-trace-3.0.101-80.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-trace-base-3.0.101-80.1.ppc64",
"product": {
"name": "kernel-trace-base-3.0.101-80.1.ppc64",
"product_id": "kernel-trace-base-3.0.101-80.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-trace-devel-3.0.101-80.1.ppc64",
"product": {
"name": "kernel-trace-devel-3.0.101-80.1.ppc64",
"product_id": "kernel-trace-devel-3.0.101-80.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.0.101-80.1.s390x",
"product": {
"name": "kernel-default-3.0.101-80.1.s390x",
"product_id": "kernel-default-3.0.101-80.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.0.101-80.1.s390x",
"product": {
"name": "kernel-default-base-3.0.101-80.1.s390x",
"product_id": "kernel-default-base-3.0.101-80.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.0.101-80.1.s390x",
"product": {
"name": "kernel-default-devel-3.0.101-80.1.s390x",
"product_id": "kernel-default-devel-3.0.101-80.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-3.0.101-80.1.s390x",
"product": {
"name": "kernel-default-man-3.0.101-80.1.s390x",
"product_id": "kernel-default-man-3.0.101-80.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-source-3.0.101-80.1.s390x",
"product": {
"name": "kernel-source-3.0.101-80.1.s390x",
"product_id": "kernel-source-3.0.101-80.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.0.101-80.1.s390x",
"product": {
"name": "kernel-syms-3.0.101-80.1.s390x",
"product_id": "kernel-syms-3.0.101-80.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-trace-3.0.101-80.1.s390x",
"product": {
"name": "kernel-trace-3.0.101-80.1.s390x",
"product_id": "kernel-trace-3.0.101-80.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-trace-base-3.0.101-80.1.s390x",
"product": {
"name": "kernel-trace-base-3.0.101-80.1.s390x",
"product_id": "kernel-trace-base-3.0.101-80.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-trace-devel-3.0.101-80.1.s390x",
"product": {
"name": "kernel-trace-devel-3.0.101-80.1.s390x",
"product_id": "kernel-trace-devel-3.0.101-80.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.0.101-80.1.x86_64",
"product": {
"name": "kernel-default-3.0.101-80.1.x86_64",
"product_id": "kernel-default-3.0.101-80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.0.101-80.1.x86_64",
"product": {
"name": "kernel-default-base-3.0.101-80.1.x86_64",
"product_id": "kernel-default-base-3.0.101-80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.0.101-80.1.x86_64",
"product": {
"name": "kernel-default-devel-3.0.101-80.1.x86_64",
"product_id": "kernel-default-devel-3.0.101-80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-3.0.101-80.1.x86_64",
"product": {
"name": "kernel-ec2-3.0.101-80.1.x86_64",
"product_id": "kernel-ec2-3.0.101-80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-base-3.0.101-80.1.x86_64",
"product": {
"name": "kernel-ec2-base-3.0.101-80.1.x86_64",
"product_id": "kernel-ec2-base-3.0.101-80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-devel-3.0.101-80.1.x86_64",
"product": {
"name": "kernel-ec2-devel-3.0.101-80.1.x86_64",
"product_id": "kernel-ec2-devel-3.0.101-80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-source-3.0.101-80.1.x86_64",
"product": {
"name": "kernel-source-3.0.101-80.1.x86_64",
"product_id": "kernel-source-3.0.101-80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.0.101-80.1.x86_64",
"product": {
"name": "kernel-syms-3.0.101-80.1.x86_64",
"product_id": "kernel-syms-3.0.101-80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-3.0.101-80.1.x86_64",
"product": {
"name": "kernel-trace-3.0.101-80.1.x86_64",
"product_id": "kernel-trace-3.0.101-80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-base-3.0.101-80.1.x86_64",
"product": {
"name": "kernel-trace-base-3.0.101-80.1.x86_64",
"product_id": "kernel-trace-base-3.0.101-80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-devel-3.0.101-80.1.x86_64",
"product": {
"name": "kernel-trace-devel-3.0.101-80.1.x86_64",
"product_id": "kernel-trace-devel-3.0.101-80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.0.101-80.1.x86_64",
"product": {
"name": "kernel-xen-3.0.101-80.1.x86_64",
"product_id": "kernel-xen-3.0.101-80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.0.101-80.1.x86_64",
"product": {
"name": "kernel-xen-base-3.0.101-80.1.x86_64",
"product_id": "kernel-xen-base-3.0.101-80.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.0.101-80.1.x86_64",
"product": {
"name": "kernel-xen-devel-3.0.101-80.1.x86_64",
"product_id": "kernel-xen-devel-3.0.101-80.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/a:suse:sle-sdk:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-3.0.101-80.2.noarch as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-80.2.noarch"
},
"product_reference": "kernel-docs-3.0.101-80.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.i586"
},
"product_reference": "kernel-default-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-80.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.ia64"
},
"product_reference": "kernel-default-3.0.101-80.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-80.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.ppc64"
},
"product_reference": "kernel-default-3.0.101-80.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-80.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.s390x"
},
"product_reference": "kernel-default-3.0.101-80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-80.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.x86_64"
},
"product_reference": "kernel-default-3.0.101-80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.i586"
},
"product_reference": "kernel-default-base-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-80.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.ia64"
},
"product_reference": "kernel-default-base-3.0.101-80.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-80.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.ppc64"
},
"product_reference": "kernel-default-base-3.0.101-80.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-80.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.s390x"
},
"product_reference": "kernel-default-base-3.0.101-80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-80.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.x86_64"
},
"product_reference": "kernel-default-base-3.0.101-80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.i586"
},
"product_reference": "kernel-default-devel-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-80.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.ia64"
},
"product_reference": "kernel-default-devel-3.0.101-80.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-80.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.ppc64"
},
"product_reference": "kernel-default-devel-3.0.101-80.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-80.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.s390x"
},
"product_reference": "kernel-default-devel-3.0.101-80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-80.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.x86_64"
},
"product_reference": "kernel-default-devel-3.0.101-80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-3.0.101-80.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-80.1.s390x"
},
"product_reference": "kernel-default-man-3.0.101-80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-80.1.i586"
},
"product_reference": "kernel-ec2-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-3.0.101-80.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-80.1.x86_64"
},
"product_reference": "kernel-ec2-3.0.101-80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-base-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-80.1.i586"
},
"product_reference": "kernel-ec2-base-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-base-3.0.101-80.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-80.1.x86_64"
},
"product_reference": "kernel-ec2-base-3.0.101-80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-devel-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-80.1.i586"
},
"product_reference": "kernel-ec2-devel-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-devel-3.0.101-80.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-80.1.x86_64"
},
"product_reference": "kernel-ec2-devel-3.0.101-80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-pae-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-80.1.i586"
},
"product_reference": "kernel-pae-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-pae-base-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-80.1.i586"
},
"product_reference": "kernel-pae-base-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-pae-devel-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-80.1.i586"
},
"product_reference": "kernel-pae-devel-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ppc64-3.0.101-80.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-80.1.ppc64"
},
"product_reference": "kernel-ppc64-3.0.101-80.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ppc64-base-3.0.101-80.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-80.1.ppc64"
},
"product_reference": "kernel-ppc64-base-3.0.101-80.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ppc64-devel-3.0.101-80.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-80.1.ppc64"
},
"product_reference": "kernel-ppc64-devel-3.0.101-80.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.i586"
},
"product_reference": "kernel-source-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-80.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.ia64"
},
"product_reference": "kernel-source-3.0.101-80.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-80.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.ppc64"
},
"product_reference": "kernel-source-3.0.101-80.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-80.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.s390x"
},
"product_reference": "kernel-source-3.0.101-80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-80.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.x86_64"
},
"product_reference": "kernel-source-3.0.101-80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.i586"
},
"product_reference": "kernel-syms-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-80.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.ia64"
},
"product_reference": "kernel-syms-3.0.101-80.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-80.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.ppc64"
},
"product_reference": "kernel-syms-3.0.101-80.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-80.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.s390x"
},
"product_reference": "kernel-syms-3.0.101-80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-80.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.x86_64"
},
"product_reference": "kernel-syms-3.0.101-80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.i586"
},
"product_reference": "kernel-trace-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-80.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.ia64"
},
"product_reference": "kernel-trace-3.0.101-80.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-80.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.ppc64"
},
"product_reference": "kernel-trace-3.0.101-80.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-80.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.s390x"
},
"product_reference": "kernel-trace-3.0.101-80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-80.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.x86_64"
},
"product_reference": "kernel-trace-3.0.101-80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.i586"
},
"product_reference": "kernel-trace-base-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-80.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.ia64"
},
"product_reference": "kernel-trace-base-3.0.101-80.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-80.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.ppc64"
},
"product_reference": "kernel-trace-base-3.0.101-80.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-80.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.s390x"
},
"product_reference": "kernel-trace-base-3.0.101-80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-80.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.x86_64"
},
"product_reference": "kernel-trace-base-3.0.101-80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.i586"
},
"product_reference": "kernel-trace-devel-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-80.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.ia64"
},
"product_reference": "kernel-trace-devel-3.0.101-80.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-80.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.ppc64"
},
"product_reference": "kernel-trace-devel-3.0.101-80.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-80.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.s390x"
},
"product_reference": "kernel-trace-devel-3.0.101-80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-80.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.x86_64"
},
"product_reference": "kernel-trace-devel-3.0.101-80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-80.1.i586"
},
"product_reference": "kernel-xen-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.0.101-80.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-80.1.x86_64"
},
"product_reference": "kernel-xen-3.0.101-80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-80.1.i586"
},
"product_reference": "kernel-xen-base-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.0.101-80.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-80.1.x86_64"
},
"product_reference": "kernel-xen-base-3.0.101-80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-80.1.i586"
},
"product_reference": "kernel-xen-devel-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.0.101-80.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-80.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.0.101-80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.i586"
},
"product_reference": "kernel-default-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-80.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.ia64"
},
"product_reference": "kernel-default-3.0.101-80.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-80.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.ppc64"
},
"product_reference": "kernel-default-3.0.101-80.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-80.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.s390x"
},
"product_reference": "kernel-default-3.0.101-80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.x86_64"
},
"product_reference": "kernel-default-3.0.101-80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.i586"
},
"product_reference": "kernel-default-base-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-80.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.ia64"
},
"product_reference": "kernel-default-base-3.0.101-80.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-80.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.ppc64"
},
"product_reference": "kernel-default-base-3.0.101-80.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-80.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.s390x"
},
"product_reference": "kernel-default-base-3.0.101-80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.x86_64"
},
"product_reference": "kernel-default-base-3.0.101-80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.i586"
},
"product_reference": "kernel-default-devel-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-80.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.ia64"
},
"product_reference": "kernel-default-devel-3.0.101-80.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-80.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.ppc64"
},
"product_reference": "kernel-default-devel-3.0.101-80.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-80.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.s390x"
},
"product_reference": "kernel-default-devel-3.0.101-80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.x86_64"
},
"product_reference": "kernel-default-devel-3.0.101-80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-3.0.101-80.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-80.1.s390x"
},
"product_reference": "kernel-default-man-3.0.101-80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-80.1.i586"
},
"product_reference": "kernel-ec2-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-3.0.101-80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-80.1.x86_64"
},
"product_reference": "kernel-ec2-3.0.101-80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-base-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-80.1.i586"
},
"product_reference": "kernel-ec2-base-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-base-3.0.101-80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-80.1.x86_64"
},
"product_reference": "kernel-ec2-base-3.0.101-80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-devel-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-80.1.i586"
},
"product_reference": "kernel-ec2-devel-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-devel-3.0.101-80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-80.1.x86_64"
},
"product_reference": "kernel-ec2-devel-3.0.101-80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-pae-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-80.1.i586"
},
"product_reference": "kernel-pae-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-pae-base-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-80.1.i586"
},
"product_reference": "kernel-pae-base-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-pae-devel-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-80.1.i586"
},
"product_reference": "kernel-pae-devel-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ppc64-3.0.101-80.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-80.1.ppc64"
},
"product_reference": "kernel-ppc64-3.0.101-80.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ppc64-base-3.0.101-80.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-80.1.ppc64"
},
"product_reference": "kernel-ppc64-base-3.0.101-80.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ppc64-devel-3.0.101-80.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-80.1.ppc64"
},
"product_reference": "kernel-ppc64-devel-3.0.101-80.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.i586"
},
"product_reference": "kernel-source-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-80.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.ia64"
},
"product_reference": "kernel-source-3.0.101-80.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-80.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.ppc64"
},
"product_reference": "kernel-source-3.0.101-80.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-80.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.s390x"
},
"product_reference": "kernel-source-3.0.101-80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.x86_64"
},
"product_reference": "kernel-source-3.0.101-80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.i586"
},
"product_reference": "kernel-syms-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-80.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.ia64"
},
"product_reference": "kernel-syms-3.0.101-80.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-80.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.ppc64"
},
"product_reference": "kernel-syms-3.0.101-80.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-80.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.s390x"
},
"product_reference": "kernel-syms-3.0.101-80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.x86_64"
},
"product_reference": "kernel-syms-3.0.101-80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.i586"
},
"product_reference": "kernel-trace-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-80.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.ia64"
},
"product_reference": "kernel-trace-3.0.101-80.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-80.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.ppc64"
},
"product_reference": "kernel-trace-3.0.101-80.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-80.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.s390x"
},
"product_reference": "kernel-trace-3.0.101-80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.x86_64"
},
"product_reference": "kernel-trace-3.0.101-80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.i586"
},
"product_reference": "kernel-trace-base-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-80.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.ia64"
},
"product_reference": "kernel-trace-base-3.0.101-80.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-80.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.ppc64"
},
"product_reference": "kernel-trace-base-3.0.101-80.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-80.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.s390x"
},
"product_reference": "kernel-trace-base-3.0.101-80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.x86_64"
},
"product_reference": "kernel-trace-base-3.0.101-80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.i586"
},
"product_reference": "kernel-trace-devel-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-80.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.ia64"
},
"product_reference": "kernel-trace-devel-3.0.101-80.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-80.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.ppc64"
},
"product_reference": "kernel-trace-devel-3.0.101-80.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-80.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.s390x"
},
"product_reference": "kernel-trace-devel-3.0.101-80.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.x86_64"
},
"product_reference": "kernel-trace-devel-3.0.101-80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-80.1.i586"
},
"product_reference": "kernel-xen-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.0.101-80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-80.1.x86_64"
},
"product_reference": "kernel-xen-3.0.101-80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-80.1.i586"
},
"product_reference": "kernel-xen-base-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.0.101-80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-80.1.x86_64"
},
"product_reference": "kernel-xen-base-3.0.101-80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.0.101-80.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-80.1.i586"
},
"product_reference": "kernel-xen-devel-3.0.101-80.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.0.101-80.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-80.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.0.101-80.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-4470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4470"
}
],
"notes": [
{
"category": "general",
"text": "The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-80.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4470",
"url": "https://www.suse.com/security/cve/CVE-2016-4470"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 984755 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/984755"
},
{
"category": "external",
"summary": "SUSE Bug 984764 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/984764"
},
{
"category": "external",
"summary": "SUSE Bug 991651 for CVE-2016-4470",
"url": "https://bugzilla.suse.com/991651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-80.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-80.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T15:23:23Z",
"details": "moderate"
}
],
"title": "CVE-2016-4470"
},
{
"cve": "CVE-2016-4997",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-4997"
}
],
"notes": [
{
"category": "general",
"text": "The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-80.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-4997",
"url": "https://www.suse.com/security/cve/CVE-2016-4997"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-4997",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 986362 for CVE-2016-4997",
"url": "https://bugzilla.suse.com/986362"
},
{
"category": "external",
"summary": "SUSE Bug 986365 for CVE-2016-4997",
"url": "https://bugzilla.suse.com/986365"
},
{
"category": "external",
"summary": "SUSE Bug 986377 for CVE-2016-4997",
"url": "https://bugzilla.suse.com/986377"
},
{
"category": "external",
"summary": "SUSE Bug 991651 for CVE-2016-4997",
"url": "https://bugzilla.suse.com/991651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-80.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-80.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T15:23:23Z",
"details": "important"
}
],
"title": "CVE-2016-4997"
},
{
"cve": "CVE-2016-5829",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5829"
}
],
"notes": [
{
"category": "general",
"text": "Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-80.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5829",
"url": "https://www.suse.com/security/cve/CVE-2016-5829"
},
{
"category": "external",
"summary": "SUSE Bug 1053919 for CVE-2016-5829",
"url": "https://bugzilla.suse.com/1053919"
},
{
"category": "external",
"summary": "SUSE Bug 1054127 for CVE-2016-5829",
"url": "https://bugzilla.suse.com/1054127"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-5829",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 986572 for CVE-2016-5829",
"url": "https://bugzilla.suse.com/986572"
},
{
"category": "external",
"summary": "SUSE Bug 986573 for CVE-2016-5829",
"url": "https://bugzilla.suse.com/986573"
},
{
"category": "external",
"summary": "SUSE Bug 991651 for CVE-2016-5829",
"url": "https://bugzilla.suse.com/991651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-80.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-80.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-80.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-80.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2016-08-09T15:23:23Z",
"details": "moderate"
}
],
"title": "CVE-2016-5829"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…