Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2016-7042 (GCVE-0-2016-7042)
Vulnerability from cvelistv5 – Published: 2016-10-16 21:00 – Updated: 2024-08-06 01:50
VLAI
EPSS
Summary
The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| https://source.android.com/security/bulletin/2017… | x_refsource_CONFIRM |
| https://bugzilla.redhat.com/show_bug.cgi?id=1373966 | x_refsource_CONFIRM |
| http://www.openwall.com/lists/oss-security/2016/10/13/5 | mailing-listx_refsource_MLIST |
| https://access.redhat.com/errata/RHSA-2017:2669 | vendor-advisoryx_refsource_REDHAT |
| http://rhn.redhat.com/errata/RHSA-2017-0817.html | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2017:2077 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2017:1842 | vendor-advisoryx_refsource_REDHAT |
| http://www.securityfocus.com/bid/93544 | vdb-entryx_refsource_BID |
Date Public
2016-10-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T01:50:47.134Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/2017-01-01.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1373966"
},
{
"name": "[oss-security] 20161013 kernel: Stack corruption while reading /proc/keys (CVE-2016-7042)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/10/13/5"
},
{
"name": "RHSA-2017:2669",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2669"
},
{
"name": "RHSA-2017:0817",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0817.html"
},
{
"name": "RHSA-2017:2077",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2077"
},
{
"name": "RHSA-2017:1842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"name": "93544",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93544"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-10-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/2017-01-01.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1373966"
},
{
"name": "[oss-security] 20161013 kernel: Stack corruption while reading /proc/keys (CVE-2016-7042)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/10/13/5"
},
{
"name": "RHSA-2017:2669",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2669"
},
{
"name": "RHSA-2017:0817",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0817.html"
},
{
"name": "RHSA-2017:2077",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2077"
},
{
"name": "RHSA-2017:1842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"name": "93544",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93544"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-7042",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/2017-01-01.html",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/2017-01-01.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1373966",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1373966"
},
{
"name": "[oss-security] 20161013 kernel: Stack corruption while reading /proc/keys (CVE-2016-7042)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2016/10/13/5"
},
{
"name": "RHSA-2017:2669",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2669"
},
{
"name": "RHSA-2017:0817",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2017-0817.html"
},
{
"name": "RHSA-2017:2077",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2077"
},
{
"name": "RHSA-2017:1842",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"name": "93544",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93544"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-7042",
"datePublished": "2016-10-16T21:00:00.000Z",
"dateReserved": "2016-08-23T00:00:00.000Z",
"dateUpdated": "2024-08-06T01:50:47.134Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2016-7042",
"date": "2026-05-27",
"epss": "0.00097",
"percentile": "0.2648"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.8.2\", \"matchCriteriaId\": \"F2B9219B-3507-4C0A-90B0-3A53254FDCD0\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file.\"}, {\"lang\": \"es\", \"value\": \"La funci\\u00f3n proc_keys_show en security/keys/proc.c en el kernel de Linux hasta la versi\\u00f3n 4.8.2, cuando el protector de pila GNU Compiler Collection (gcc) est\\u00e1 habilitado, utiliza un tama\\u00f1o de b\\u00fafer incorrecto para ciertos datos de tiempo de espera, lo que permite a usuarios locales provocar una denegaci\\u00f3n de servicio (corrupci\\u00f3n de la memoria de pila y p\\u00e1nico) leyendo el archivo /proc/keys.\"}]",
"id": "CVE-2016-7042",
"lastModified": "2024-11-21T02:57:20.483",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 6.2, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.5, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 4.9, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.9, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2016-10-16T21:59:10.160",
"references": "[{\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0817.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2016/10/13/5\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\"]}, {\"url\": \"http://www.securityfocus.com/bid/93544\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1842\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2077\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2669\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1373966\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://source.android.com/security/bulletin/2017-01-01.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0817.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2016/10/13/5\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"http://www.securityfocus.com/bid/93544\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1842\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2077\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2669\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1373966\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://source.android.com/security/bulletin/2017-01-01.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2016-7042\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2016-10-16T21:59:10.160\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n proc_keys_show en security/keys/proc.c en el kernel de Linux hasta la versi\u00f3n 4.8.2, cuando el protector de pila GNU Compiler Collection (gcc) est\u00e1 habilitado, utiliza un tama\u00f1o de b\u00fafer incorrecto para ciertos datos de tiempo de espera, lo que permite a usuarios locales provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de la memoria de pila y p\u00e1nico) leyendo el archivo /proc/keys.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":6.2,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.5,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":4.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.8.2\",\"matchCriteriaId\":\"F2B9219B-3507-4C0A-90B0-3A53254FDCD0\"}]}]}],\"references\":[{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0817.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/10/13/5\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.securityfocus.com/bid/93544\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1842\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2077\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2669\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1373966\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://source.android.com/security/bulletin/2017-01-01.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0817.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/10/13/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.securityfocus.com/bid/93544\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1842\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2077\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2669\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1373966\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://source.android.com/security/bulletin/2017-01-01.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
SUSE-SU-2017:1102-1
Vulnerability from csaf_suse - Published: 2017-04-25 14:34 - Updated: 2017-04-25 14:34Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SLE-11 SP4 kernel was updated to 3.0.101.rt130-68 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2017-5551: The simple_set_acl function in fs/posix_acl.c in the Linux kernel preserved the setgid bit during
a setxattr call involving a tmpfs filesystem, which allowed local users to gain group privileges by leveraging the
existence of a setgid program with restrictions on execute permissions. NOTE: this vulnerability exists because of
an incomplete fix for CVE-2016-7097 (bnc#1021258).
- CVE-2016-7097: posix_acl: Clear SGID bit when setting file permissions (bsc#995968).
- CVE-2016-10088: The sg implementation in the Linux kernel did not properly restrict write operations in situations
where the KERNEL_DS option is set, which allowed local users to read or write to arbitrary kernel memory locations or
cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and
drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576 (bnc#1017710).
- CVE-2016-5696: TCP, when using a large Window Size, made it easier for remote attackers to guess sequence numbers and
cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet,
especially in protocols that use long-lived connections, such as BGP (bnc#989152).
- CVE-2015-1350: Denial of service in notify_change for filesystem xattrs (bsc#914939).
- CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the Linux kernel did not validate the relationship
between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause
a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability (bnc#1008831).
- CVE-2016-8399: An elevation of privilege vulnerability in the kernel networking subsystem could have enabled a local
malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate
because it first requires compromising a privileged process and current compiler optimizations restrict access to the
vulnerable code. (bnc#1014746).
- CVE-2016-9793: The sock_setsockopt function in net/core/sock.c in the Linux kernel mishandled negative values of
sk_sndbuf and sk_rcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash)
or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system
call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option (bnc#1013531).
- CVE-2012-6704: The sock_setsockopt function in net/core/sock.c in the Linux
kernel mishandled negative values of sk_sndbuf and sk_rcvbuf, which allowed
local users to cause a denial of service (memory corruption and system crash)
or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN
capability for a crafted setsockopt system call with the (1) SO_SNDBUF or (2)
SO_RCVBUF option (bnc#1013542).
- CVE-2016-9756: arch/x86/kvm/emulate.c in the Linux kernel did not properly
initialize Code Segment (CS) in certain error cases, which allowed local users
to obtain sensitive information from kernel stack memory via a crafted
application (bnc#1013038).
- CVE-2016-9576: splice: introduce FMODE_SPLICE_READ and FMODE_SPLICE_WRITE (bsc#1013604)
- CVE-2016-9794: ALSA: pcm : Call kill_fasync() in stream lock (bsc#1013533)
- CVE-2016-3841: KABI workaround for ipv6: add complete rcu protection around np->opt (bsc#992566).
- CVE-2016-9685: Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c
in the Linux kernel allowed local users to cause a denial of service (memory
consumption) via crafted XFS filesystem operations (bnc#1012832).
- CVE-2015-8962: Double free vulnerability in the sg_common_write function in
drivers/scsi/sg.c in the Linux kernel allowed local users to gain privileges or
cause a denial of service (memory corruption and system crash) by detaching a
device during an SG_IO ioctl call (bnc#1010501).
- CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the
Linux kernel lacks chunk-length checking for the first chunk, which allowed
remote attackers to cause a denial of service (out-of-bounds slab access) or
possibly have unspecified other impact via crafted SCTP data (bnc#1011685).
- CVE-2016-7910: Use-after-free vulnerability in the disk_seqf_stop function in
block/genhd.c in the Linux kernel allowed local users to gain privileges by
leveraging the execution of a certain stop operation even if the corresponding
start operation had failed (bnc#1010716).
- CVE-2016-7911: Race condition in the get_task_ioprio function in
block/ioprio.c in the Linux kernel allowed local users to gain privileges or
cause a denial of service (use-after-free) via a crafted ioprio_get system call
(bnc#1010711).
- CVE-2013-6368: The KVM subsystem in the Linux kernel allowed local users to
gain privileges or cause a denial of service (system crash) via a VAPIC
synchronization operation involving a page-end address (bnc#853052).
- CVE-2015-8964: The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c
in the Linux kernel allowed local users to obtain sensitive information from
kernel memory by reading a tty data structure (bnc#1010507).
- CVE-2016-7916: Revert 'proc: prevent accessing /proc/<PID>/environ until it's ready (bsc#1010467)'
- CVE-2016-8646: The hash_accept function in crypto/algif_hash.c in the Linux
kernel allowed local users to cause a denial of service (OOPS) by attempting to
trigger use of in-kernel hash algorithms for a socket that has received zero
bytes of data (bnc#1010150).
- CVE-2016-8633: drivers/firewire/net.c in the Linux kernel before 4.8.7, in
certain unusual hardware configurations, allowed remote attackers to execute
arbitrary code via crafted fragmented packets (bnc#1008833).
- CVE-2016-7042: KEYS: Fix short sprintf buffer in /proc/keys show function (bsc#1004517).
- CVE-2015-8956: Bluetooth: Fix potential NULL dereference in RFCOMM bind callback (bsc#1003925).
- CVE-2016-7117: net: Fix use after free in the recvmmsg exit path (bsc#1003077).
The following non-security bugs were fixed:
- blacklist.conf: 45f13df be2net: Enable Wake-On-LAN from shutdown for Skyhawk
- blacklist.conf: c9cc599 net/mlx4_core: Fix QUERY FUNC CAP flags
- 8250_pci: Fix potential use-after-free in error path (bsc#1013070).
- IB/mlx4: Fix error flow when sending mads under SRIOV (bsc#786036).
- IB/mlx4: Fix incorrect MC join state bit-masking on SR-IOV (bsc#786036).
- IB/mlx4: Fix memory leak if QP creation failed (bsc#786036).
- IB/mlx4: Fix potential deadlock when sending mad to wire (bsc#786036).
- IB/mlx4: Forbid using sysfs to change RoCE pkeys (bsc#786036).
- IB/mlx4: Use correct subnet-prefix in QP1 mads under SR-IOV (bsc#786036).
- apparmor: fix IRQ stack overflow during free_profile (bsc#1009875).
- arch/powerpc: Remove duplicate/redundant Altivec entries (bsc#967716).
- be2net: Do not leak iomapped memory on removal (bug#925065).
- block_dev: do not test bdev->bd_contains when it is not stable (bsc#1008557).
- bna: Add synchronization for tx ring (bsc#993739).
- bnx2x: Correct ringparam estimate when DOWN (bsc#1020214).
- bnx2x: fix lockdep splat (bsc#908684).
- cifs: revert fs/cifs: fix wrongly prefixed path to root (bsc#963655)
- config.conf: add bigmem flavour on ppc64
- cpumask, nodemask: implement cpumask/nodemask_pr_args() (bnc1003866).
- cpumask_set_cpu_local_first => cpumask_local_spread, lament (bug#919382).
- crypto: add ghash-generic in the supported.conf(bsc#1016824)
- crypto: aesni - Add support for 192 & 256 bit keys to AESNI RFC4106 (bsc#913387, #bsc1016831).
- dm space map metadata: fix sm_bootstrap_get_nr_blocks()
- dm thin: fix race condition when destroying thin pool workqueue
- dm: do not call dm_sync_table() when creating new devices (bnc#901809, bsc#1008893).
- drm/mgag200: Added support for the new deviceID for G200eW3 (bnc#1019348)
- ext3: Avoid premature failure of ext3_has_free_blocks() (bsc#1016668).
- ext4: do not leave i_crtime.tv_sec uninitialized (bsc#1013018).
- ext4: fix reference counting bug on block allocation error (bsc#1013018).
- fs/cifs: Compare prepaths when comparing superblocks (bsc#799133).
- fs/cifs: Fix memory leaks in cifs_do_mount() (bsc#799133).
- fs/cifs: Fix regression which breaks DFS mounting (bsc#799133).
- fs/cifs: Move check for prefix path to within cifs_get_root() (bsc#799133).
- fs/cifs: cifs_get_root shouldn't use path with tree name (bsc#963655, bsc#979681).
- fs/cifs: make share unaccessible at root level mountable (bsc#799133).
- futex: Acknowledge a new waiter in counter before plist (bsc#851603).
- futex: Drop refcount if requeue_pi() acquired the rtmutex (bsc#851603).
- hpilo: Add support for iLO5 (bsc#999101).
- hv: do not lose pending heartbeat vmbus packets (bnc#1006919).
- hv: vmbus: avoid scheduling in interrupt context in vmbus_initiate_unload() (bnc#986337).
- hv: vmbus: avoid wait_for_completion() on crash (bnc#986337).
- hv: vmbus: do not loose HVMSG_TIMER_EXPIRED messages (bnc#986337).
- hv: vmbus: do not send CHANNELMSG_UNLOAD on pre-Win2012R2 hosts (bnc#986337).
- hv: vmbus: handle various crash scenarios (bnc#986337).
- hv: vmbus: remove code duplication in message handling (bnc#986337).
- hv: vss: run only on supported host versions (bnc#986337).
- i40e: fix an uninitialized variable bug (bsc#909484).
- ibmveth: calculate gso_segs for large packets (bsc#1019165, bsc#1019148).
- ibmveth: set correct gso_size and gso_type (bsc#1019165, bsc#1019148).
- igb: Enable SR-IOV configuration via PCI sysfs interface (bsc#909491).
- igb: Fix NULL assignment to incorrect variable in igb_reset_q_vector (bsc#795297).
- igb: Fix oops caused by missing queue pairing (bsc#909491).
- igb: Fix oops on changing number of rings (bsc#909491).
- igb: Remove unnecessary flag setting in igb_set_flag_queue_pairs() (bsc#909491).
- igb: Unpair the queues when changing the number of queues (bsc#909491).
- ipv6: replacing a rt6_info needs to purge possible propagated rt6_infos too (bsc#865783).
- kabi-fix for flock_owner addition (bsc#998689).
- kexec: add a kexec_crash_loaded() function (bsc#973691).
- kvm: APIC: avoid instruction emulation for EOI writes (bsc#989680).
- kvm: Distangle eventfd code from irqchip (bsc#989680).
- kvm: Iterate over only vcpus that are preempted (bsc#989680).
- kvm: Record the preemption status of vcpus using preempt notifiers (bsc#989680).
- kvm: VMX: Pass vcpu to __vmx_complete_interrupts (bsc#989680).
- kvm: fold kvm_pit_timer into kvm_kpit_state (bsc#989680).
- kvm: make processes waiting on vcpu mutex killable (bsc#989680).
- kvm: nVMX: Add preemption timer support (bsc#989680).
- kvm: remove a wrong hack of delivery PIT intr to vcpu0 (bsc#989680).
- kvm: use symbolic constant for nr interrupts (bsc#989680).
- kvm: x86: Remove support for reporting coalesced APIC IRQs (bsc#989680).
- kvm: x86: Run PIT work in own kthread (bsc#989680).
- kvm: x86: limit difference between kvmclock updates (bsc#989680).
- kvm: x86: only channel 0 of the i8254 is linked to the HPET (bsc#960689).
- lib/vsprintf: implement bitmap printing through '%*pb[l]' (bnc#1003866).
- libata: introduce ata_host->n_tags to avoid oops on SAS controllers (bsc#871728).
- libata: remove n_tags to avoid kABI breakage (bsc#871728).
- libata: support the ata host which implements a queue depth less than 32 (bsc#871728)
- libfc: Do not take rdata->rp_mutex when processing a -FC_EX_CLOSED ELS response (bsc#962846).
- libfc: Fixup disc_mutex handling (bsc#962846).
- libfc: Issue PRLI after a PRLO has been received (bsc#962846).
- libfc: Revisit kref handling (bnc#990245).
- libfc: Update rport reference counting (bsc#953233).
- libfc: do not send ABTS when resetting exchanges (bsc#962846).
- libfc: fixup locking of ptp_setup() (bsc#962846).
- libfc: reset exchange manager during LOGO handling (bsc#962846).
- libfc: send LOGO for PLOGI failure (bsc#962846).
- locking/mutex: Explicitly mark task as running after wakeup (bsc#1012411).
- md/raid10: Fix memory leak when raid10 reshape completes
- md/raid10: always set reshape_safe when initializing reshape_position
- md: Drop sending a change uevent when stopping (bsc#1003568).
- md: check command validity early in md_ioctl() (bsc#1004520).
- md: fix problem when adding device to read-only array with bitmap (bnc#771065).
- memstick: mspro_block: add missing curly braces (bsc#1016688).
- mlx4: add missing braces in verify_qp_parameters (bsc#786036).
- mm, vmscan: Do not wait for page writeback for GFP_NOFS allocations (bnc#763198).
- mm/memory.c: actually remap enough memory (bnc#1005903).
- mm/memory_hotplug.c: check for missing sections in test_pages_in_a_zone() (bnc#961589).
- mm: fix crashes from mbind() merging vmas (bnc#1005877).
- mm: fix sleeping function warning from __put_anon_vma (bnc#1005857).
- dcache: move the call of __d_drop(anon) into __d_materialise_unique(dentry, anon) (bsc#984194).
- mpi: Fix NULL ptr dereference in mpi_powm() [ver #3] (bsc#1011820).
- mremap: enforce rmap src/dst vma ordering in case of vma_merge() succeeding in copy_vma() (bsc#1008645).
- mshyperv: fix recognition of Hyper-V guest crash MSR's (bnc#986337).
- net/mlx4: Copy/set only sizeof struct mlx4_eqe bytes (bsc#786036).
- net/mlx4_core: Allow resetting VF admin mac to zero (bsc#919382).
- net/mlx4_core: Avoid returning success in case of an error flow (bsc#786036).
- net/mlx4_core: Do not BUG_ON during reset when PCI is offline (bsc#924708).
- net/mlx4_core: Do not access comm channel if it has not yet been initialized (bsc#924708 bsc#786036).
- net/mlx4_core: Fix error message deprecation for ConnectX-2 cards (bug#919382).
- net/mlx4_core: Fix the resource-type enum in res tracker to conform to FW spec (bsc#786036).
- net/mlx4_core: Implement pci_resume callback (bsc#924708).
- net/mlx4_core: Update the HCA core clock frequency after INIT_PORT (bug#919382).
- net/mlx4_en: Choose time-stamping shift value according to HW frequency (bsc#919382).
- net/mlx4_en: Fix HW timestamp init issue upon system startup (bsc#919382).
- net/mlx4_en: Fix potential deadlock in port statistics flow (bsc#786036).
- net/mlx4_en: Move filters cleanup to a proper location (bsc#786036).
- net/mlx4_en: Remove dependency between timestamping capability and service_task (bsc#919382).
- net/mlx4_en: fix spurious timestamping callbacks (bsc#919382).
- netfilter: ipv4: defrag: set local_df flag on defragmented skb (bsc#907611).
- netfront: do not truncate grant references.
- netvsc: fix incorrect receive checksum offloading (bnc#1006917).
- nfs4: reset states to use open_stateid when returning delegation voluntarily (bsc#1007944).
- nfs: Fix an LOCK/OPEN race when unlinking an open file (bsc#956514).
- nfsv4.1: Fix an NFSv4.1 state renewal regression (bnc#863873).
- nfsv4: Cap the transport reconnection timer at 1/2 lease period (bsc#1014410).
- nfsv4: Cleanup the setting of the nfs4 lease period (bsc#1014410).
- nfsv4: Handle timeouts correctly when probing for lease validity (bsc#1014410).
- nfsv4: add flock_owner to open context (bnc#998689).
- nfsv4: change nfs4_do_setattr to take an open_context instead of a nfs4_state (bnc#998689).
- nfsv4: change nfs4_select_rw_stateid to take a lock_context inplace of lock_owner (bnc#998689).
- nfsv4: enhance nfs4_copy_lock_stateid to use a flock stateid if there is one (bnc#998689).
- nvme: Automatic namespace rescan (bsc#1017686).
- nvme: Metadata format support (bsc#1017686).
- ocfs2: fix BUG_ON() in ocfs2_ci_checkpointed() (bnc#1019783).
- oom: print nodemask in the oom report (bnc#1003866).
- pci_ids: Add PCI device ID functions 3 and 4 for newer F15h models
- pm / hibernate: Fix rtree_next_node() to avoid walking off list ends (bnc#860441).
- posix-timers: Remove remaining uses of tasklist_lock (bnc#997401).
- posix-timers: Use sighand lock instead of tasklist_lock for task clock sample (bnc#997401).
- posix-timers: Use sighand lock instead of tasklist_lock on timer deletion (bnc#997401).
- powerpc/64: Fix incorrect return value from __copy_tofrom_user (bsc#1005896).
- powerpc/MSI: Fix race condition in tearing down MSI interrupts (bsc#1010201, [2016-10-04] Pending Base Kernel Fixes).
- powerpc/mm/hash64: Fix subpage protection with 4K HPTE config (bsc#1010201, [2016-10-04] Pending Base Kernel Fixes).
- powerpc/mm: Add 64TB support (bsc#928138,fate#319026).
- powerpc/mm: Change the swap encoding in pte (bsc#973203).
- powerpc/mm: Convert virtual address to vpn (bsc#928138,fate#319026).
- powerpc/mm: Fix hash computation function (bsc#928138,fate#319026).
- powerpc/mm: Increase the slice range to 64TB (bsc#928138,fate#319026).
- powerpc/mm: Make KERN_VIRT_SIZE not dependend on PGTABLE_RANGE (bsc#928138,fate#319026).
- powerpc/mm: Make some of the PGTABLE_RANGE dependency explicit (bsc#928138,fate#319026).
- powerpc/mm: Replace open coded CONTEXT_BITS value (bsc#928138,fate#319026).
- powerpc/mm: Simplify hpte_decode (bsc#928138,fate#319026).
- powerpc/mm: Update VSID allocation documentation (bsc#928138,fate#319026).
- powerpc/mm: Use 32bit array for slb cache (bsc#928138,fate#319026).
- powerpc/mm: Use hpt_va to compute virtual address (bsc#928138,fate#319026).
- powerpc/mm: Use the required number of VSID bits in slbmte (bsc#928138,fate#319026).
- powerpc/numa: Fix multiple bugs in memory_hotplug_max() (bsc#1010201, [2016-10-04] Pending Base Kernel Fixes).
- powerpc/pseries: Use H_CLEAR_HPT to clear MMU hash table during kexec (bsc#1003813).
- powerpc: Add ability to build little endian kernels (bsc#967716).
- powerpc: Avoid load of static chain register when calling nested functions through a pointer on 64bit (bsc#967716).
- powerpc: Build fix for powerpc KVM (bsc#928138,fate#319026).
- powerpc: Do not build assembly files with ABIv2 (bsc#967716).
- powerpc: Do not use ELFv2 ABI to build the kernel (bsc#967716).
- powerpc: Fix 64 bit builds with binutils 2.24 (bsc#967716).
- powerpc: Fix error when cross building TAGS & cscope (bsc#967716).
- powerpc: Make VSID_BITS* dependency explicit (bsc#928138,fate#319026).
- powerpc: Make the vdso32 also build big-endian (bsc#967716).
- powerpc: Move kdump default base address to half RMO size on 64bit (bsc#1003344).
- powerpc: Remove altivec fix for gcc versions before 4.0 (bsc#967716).
- powerpc: Remove buggy 9-year-old test for binutils < 2.12.1 (bsc#967716).
- powerpc: Rename USER_ESID_BITS* to ESID_BITS* (bsc#928138,fate#319026).
- powerpc: Require gcc 4.0 on 64-bit (bsc#967716).
- powerpc: Update kernel VSID range (bsc#928138,fate#319026).
- powerpc: blacklist fixes for unsupported subarchitectures ppc32 only: 6e0fdf9af216 powerpc: fix typo 'CONFIG_PMAC'
obscure hardware: f7e9e3583625 powerpc: Fix missing L2 cache size in /sys/devices/system/cpu
- powerpc: dtc is required to build dtb files (bsc#967716).
- powerpc: fix typo 'CONFIG_PPC_CPU' (bsc#1010201, [2016-10-04] Pending Base Kernel Fixes).
- powerpc: scan_features() updates incorrect bits for REAL_LE (bsc#1010201, [2016-10-04] Pending Base Kernel Fixes).
- printk/sched: Introduce special printk_sched() for those awkward (bsc#1013042, bsc#996541, bsc#1015878).
- ptrace: __ptrace_may_access() should not deny sub-threads (bsc#1012851).
- qlcnic: fix a loop exit condition better (bsc#909350).
- qlcnic: fix a timeout loop (bsc#909350)
- qlcnic: use the correct ring in qlcnic_83xx_process_rcv_ring_diag() (bnc#800999).
- reiserfs: fix race in prealloc discard (bsc#987576).
- rpm/constraints.in: Bump ppc64 disk requirements to fix OBS builds again
- rpm/kernel-binary.spec.in: Export a make-stderr.log file (bsc#1012422)
- rpm/package-descriptions: add -bigmem description
- rt2x00: fix rfkill regression on rt2500pci (bnc#748806).
- s390/cio: fix accidental interrupt enabling during resume (bnc#1003677, LTC#147606).
- s390/time: LPAR offset handling (bnc#1003677, LTC#146920).
- s390/time: move PTFF definitions (bnc#1003677, LTC#146920).
- scsi: lpfc: Set elsiocb contexts to NULL after freeing it (bsc#996557).
- scsi: lpfc: avoid double free of resource identifiers (bsc#989896).
- scsi: zfcp: spin_lock_irqsave() is not nestable (bsc#1003677,LTC#147374).
- scsi_error: count medium access timeout only once per EH run (bsc#993832).
- scsi_error: fixup crash in scsi_eh_reset (bsc#993832)
- serial: 8250_pci: Detach low-level driver during PCI error recovery (bsc#1013070).
- sfc: on MC reset, clear PIO buffer linkage in TXQs (bsc#909618).
- softirq: sirq threads raising another sirq delegate to the proper thread Otherwise, high priority timer threads expend
cycles precessing other sirqs, potentially increasing wakeup latencies as thes process sirqs at a priority other than
the priority specified by the user.
- sunrpc/cache: drop reference when sunrpc_cache_pipe_upcall() detects a race (bnc#803320).
- sunrpc: Enforce an upper limit on the number of cached credentials (bsc#1012917).
- sunrpc: Fix reconnection timeouts (bsc#1014410).
- sunrpc: Fix two issues with drop_caches and the sunrpc auth cache (bsc#1012917).
- sunrpc: Limit the reconnect backoff timer to the max RPC message timeout (bsc#1014410).
- tcp: fix inet6_csk_route_req() for link-local addresses (bsc#1010175).
- tcp: pass fl6 to inet6_csk_route_req() (bsc#1010175).
- tcp: plug dst leak in tcp_v6_conn_request() (bsc#1010175).
- tcp: use inet6_csk_route_req() in tcp_v6_send_synack() (bsc#1010175).
- tg3: Avoid NULL pointer dereference in tg3_io_error_detected() (bsc#908458).
- tg3: Fix temperature reporting (bnc#790588).
- tty: Signal SIGHUP before hanging up ldisc (bnc#989764).
- usb: console: fix potential use after free (bsc#1015817).
- usb: console: fix uninitialised ldisc semaphore (bsc#1015817).
- usb: cp210x: Corrected USB request type definitions (bsc#1015932).
- usb: cp210x: relocate private data from USB interface to port (bsc#1015932).
- usb: cp210x: work around cp2108 GET_LINE_CTL bug (bsc#1015932).
- usb: ftdi_sio: fix null deref at port probe (bsc#1015796).
- usb: hub: Fix auto-remount of safely removed or ejected USB-3 devices (bsc#922634).
- usb: hub: Fix unbalanced reference count/memory leak/deadlocks (bsc#968010).
- usb: ipaq.c: fix a timeout loop (bsc#1015848).
- usb: opticon: fix non-atomic allocation in write path (bsc#1015803).
- usb: option: fix runtime PM handling (bsc#1015752).
- usb: serial: cp210x: add 16-bit register access functions (bsc#1015932).
- usb: serial: cp210x: add 8-bit and 32-bit register access functions (bsc#1015932).
- usb: serial: cp210x: add new access functions for large registers (bsc#1015932).
- usb: serial: cp210x: fix hardware flow-control disable (bsc#1015932).
- usb: serial: fix potential use-after-free after failed probe (bsc#1015828).
- usb: serial: io_edgeport: fix memory leaks in attach error path (bsc#1016505).
- usb: serial: io_edgeport: fix memory leaks in probe error path (bsc#1016505).
- usb: serial: keyspan: fix use-after-free in probe error path (bsc#1016520).
- usb: sierra: fix AA deadlock in open error path (bsc#1015561).
- usb: sierra: fix remote wakeup (bsc#1015561).
- usb: sierra: fix urb and memory leak in resume error path (bsc#1015561).
- usb: sierra: fix urb and memory leak on disconnect (bsc#1015561).
- usb: sierra: fix use after free at suspend/resume (bsc#1015561).
- usb: usb_wwan: fix potential blocked I/O after resume (bsc#1015760).
- usb: usb_wwan: fix race between write and resume (bsc#1015760).
- usb: usb_wwan: fix urb leak at shutdown (bsc#1015760).
- usb: usb_wwan: fix urb leak in write error path (bsc#1015760).
- usb: usb_wwan: fix write and suspend race (bsc#1015760).
- usbhid: add ATEN CS962 to list of quirky devices (bsc#1007615).
- usblp: do not set TASK_INTERRUPTIBLE before lock (bsc#1015844).
- vmxnet3: Wake queue from reset work (bsc#999907).
- x86, amd_nb: Clarify F15h, model 30h GART and L3 support
- x86/MCE/intel: Cleanup CMCI storm logic (bsc#929141).
- x86/asm/traps: Disable tracing and kprobes in fixup_bad_iret and sync_regs (bsc#909077).
- x86/cpu/amd: Set X86_FEATURE_EXTD_APICID for future processors
- x86/gart: Check for GART support before accessing GART registers
- xenbus: do not invoke ->is_ready() for most device states (bsc#987333).
- zcrypt: Fix hang condition on crypto card config-off (bsc#1016320).
- zcrypt: Fix invalid domain response handling (bsc#1016320).
- zfcp: Fix erratic device offline during EH (bsc#993832).
- zfcp: close window with unblocked rport during rport gone (bnc#1003677).
- zfcp: fix D_ID field with actual value on tracing SAN responses (bnc#1003677).
- zfcp: fix ELS/GS request&response length for hardware data router (bnc#1003677).
- zfcp: fix payload trace length for SAN request&response (bnc#1003677).
- zfcp: restore tracing of handle for port and LUN with HBA records (bnc#1003677).
- zfcp: restore: Dont use 0 to indicate invalid LUN in rec trace (bnc#1003677).
- zfcp: retain trace level for SCSI and HBA FSF response records (bnc#1003677).
- zfcp: trace full payload of all SAN records (req,resp,iels) (bnc#1003677).
- zfcp: trace on request for open and close of WKA port (bnc#1003677).
Patchnames: slertesp4-kernel-13074
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
6.7 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.1 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.3 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.8 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
8.1 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.8 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
4.1 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.4 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
269 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SLE-11 SP4 kernel was updated to 3.0.101.rt130-68 to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2017-5551: The simple_set_acl function in fs/posix_acl.c in the Linux kernel preserved the setgid bit during\n a setxattr call involving a tmpfs filesystem, which allowed local users to gain group privileges by leveraging the\n existence of a setgid program with restrictions on execute permissions. NOTE: this vulnerability exists because of\n an incomplete fix for CVE-2016-7097 (bnc#1021258).\n- CVE-2016-7097: posix_acl: Clear SGID bit when setting file permissions (bsc#995968).\n- CVE-2016-10088: The sg implementation in the Linux kernel did not properly restrict write operations in situations\n where the KERNEL_DS option is set, which allowed local users to read or write to arbitrary kernel memory locations or\n cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and \n drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576 (bnc#1017710).\n- CVE-2016-5696: TCP, when using a large Window Size, made it easier for remote attackers to guess sequence numbers and\n cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet,\n especially in protocols that use long-lived connections, such as BGP (bnc#989152).\n- CVE-2015-1350: Denial of service in notify_change for filesystem xattrs (bsc#914939).\n- CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the Linux kernel did not validate the relationship\n between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause\n a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability (bnc#1008831).\n- CVE-2016-8399: An elevation of privilege vulnerability in the kernel networking subsystem could have enabled a local\n malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate\n because it first requires compromising a privileged process and current compiler optimizations restrict access to the\n vulnerable code. (bnc#1014746).\n- CVE-2016-9793: The sock_setsockopt function in net/core/sock.c in the Linux kernel mishandled negative values of \n sk_sndbuf and sk_rcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash)\n or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system\n call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option (bnc#1013531).\n- CVE-2012-6704: The sock_setsockopt function in net/core/sock.c in the Linux\n kernel mishandled negative values of sk_sndbuf and sk_rcvbuf, which allowed\n local users to cause a denial of service (memory corruption and system crash)\n or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN\n capability for a crafted setsockopt system call with the (1) SO_SNDBUF or (2)\n SO_RCVBUF option (bnc#1013542).\n- CVE-2016-9756: arch/x86/kvm/emulate.c in the Linux kernel did not properly\n initialize Code Segment (CS) in certain error cases, which allowed local users\n to obtain sensitive information from kernel stack memory via a crafted\n application (bnc#1013038).\n- CVE-2016-9576: splice: introduce FMODE_SPLICE_READ and FMODE_SPLICE_WRITE (bsc#1013604)\n- CVE-2016-9794: ALSA: pcm : Call kill_fasync() in stream lock (bsc#1013533)\n- CVE-2016-3841: KABI workaround for ipv6: add complete rcu protection around np-\u003eopt (bsc#992566).\n- CVE-2016-9685: Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c\n in the Linux kernel allowed local users to cause a denial of service (memory\n consumption) via crafted XFS filesystem operations (bnc#1012832).\n- CVE-2015-8962: Double free vulnerability in the sg_common_write function in\n drivers/scsi/sg.c in the Linux kernel allowed local users to gain privileges or\n cause a denial of service (memory corruption and system crash) by detaching a\n device during an SG_IO ioctl call (bnc#1010501).\n- CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the\n Linux kernel lacks chunk-length checking for the first chunk, which allowed\n remote attackers to cause a denial of service (out-of-bounds slab access) or\n possibly have unspecified other impact via crafted SCTP data (bnc#1011685).\n - CVE-2016-7910: Use-after-free vulnerability in the disk_seqf_stop function in\n block/genhd.c in the Linux kernel allowed local users to gain privileges by\n leveraging the execution of a certain stop operation even if the corresponding\n start operation had failed (bnc#1010716).\n- CVE-2016-7911: Race condition in the get_task_ioprio function in\n block/ioprio.c in the Linux kernel allowed local users to gain privileges or\n cause a denial of service (use-after-free) via a crafted ioprio_get system call\n (bnc#1010711).\n- CVE-2013-6368: The KVM subsystem in the Linux kernel allowed local users to\n gain privileges or cause a denial of service (system crash) via a VAPIC\n synchronization operation involving a page-end address (bnc#853052).\n- CVE-2015-8964: The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c\n in the Linux kernel allowed local users to obtain sensitive information from\n kernel memory by reading a tty data structure (bnc#1010507).\n- CVE-2016-7916: Revert \u0027proc: prevent accessing /proc/\u003cPID\u003e/environ until it\u0027s ready (bsc#1010467)\u0027\n- CVE-2016-8646: The hash_accept function in crypto/algif_hash.c in the Linux\n kernel allowed local users to cause a denial of service (OOPS) by attempting to\n trigger use of in-kernel hash algorithms for a socket that has received zero\n bytes of data (bnc#1010150).\n- CVE-2016-8633: drivers/firewire/net.c in the Linux kernel before 4.8.7, in\n certain unusual hardware configurations, allowed remote attackers to execute\n arbitrary code via crafted fragmented packets (bnc#1008833).\n- CVE-2016-7042: KEYS: Fix short sprintf buffer in /proc/keys show function (bsc#1004517).\n- CVE-2015-8956: Bluetooth: Fix potential NULL dereference in RFCOMM bind callback (bsc#1003925).\n- CVE-2016-7117: net: Fix use after free in the recvmmsg exit path (bsc#1003077).\n\nThe following non-security bugs were fixed:\n\n- blacklist.conf: 45f13df be2net: Enable Wake-On-LAN from shutdown for Skyhawk\n- blacklist.conf: c9cc599 net/mlx4_core: Fix QUERY FUNC CAP flags\n\n- 8250_pci: Fix potential use-after-free in error path (bsc#1013070).\n- IB/mlx4: Fix error flow when sending mads under SRIOV (bsc#786036).\n- IB/mlx4: Fix incorrect MC join state bit-masking on SR-IOV (bsc#786036).\n- IB/mlx4: Fix memory leak if QP creation failed (bsc#786036).\n- IB/mlx4: Fix potential deadlock when sending mad to wire (bsc#786036).\n- IB/mlx4: Forbid using sysfs to change RoCE pkeys (bsc#786036).\n- IB/mlx4: Use correct subnet-prefix in QP1 mads under SR-IOV (bsc#786036).\n- apparmor: fix IRQ stack overflow during free_profile (bsc#1009875).\n- arch/powerpc: Remove duplicate/redundant Altivec entries (bsc#967716).\n- be2net: Do not leak iomapped memory on removal (bug#925065).\n- block_dev: do not test bdev-\u003ebd_contains when it is not stable (bsc#1008557).\n- bna: Add synchronization for tx ring (bsc#993739).\n- bnx2x: Correct ringparam estimate when DOWN (bsc#1020214).\n- bnx2x: fix lockdep splat (bsc#908684).\n- cifs: revert fs/cifs: fix wrongly prefixed path to root (bsc#963655)\n- config.conf: add bigmem flavour on ppc64\n- cpumask, nodemask: implement cpumask/nodemask_pr_args() (bnc1003866).\n- cpumask_set_cpu_local_first =\u003e cpumask_local_spread, lament (bug#919382).\n- crypto: add ghash-generic in the supported.conf(bsc#1016824)\n- crypto: aesni - Add support for 192 \u0026 256 bit keys to AESNI RFC4106 (bsc#913387, #bsc1016831).\n- dm space map metadata: fix sm_bootstrap_get_nr_blocks()\n- dm thin: fix race condition when destroying thin pool workqueue\n- dm: do not call dm_sync_table() when creating new devices (bnc#901809, bsc#1008893).\n- drm/mgag200: Added support for the new deviceID for G200eW3 (bnc#1019348)\n- ext3: Avoid premature failure of ext3_has_free_blocks() (bsc#1016668).\n- ext4: do not leave i_crtime.tv_sec uninitialized (bsc#1013018).\n- ext4: fix reference counting bug on block allocation error (bsc#1013018).\n- fs/cifs: Compare prepaths when comparing superblocks (bsc#799133).\n- fs/cifs: Fix memory leaks in cifs_do_mount() (bsc#799133).\n- fs/cifs: Fix regression which breaks DFS mounting (bsc#799133).\n- fs/cifs: Move check for prefix path to within cifs_get_root() (bsc#799133).\n- fs/cifs: cifs_get_root shouldn\u0027t use path with tree name (bsc#963655, bsc#979681).\n- fs/cifs: make share unaccessible at root level mountable (bsc#799133).\n- futex: Acknowledge a new waiter in counter before plist (bsc#851603).\n- futex: Drop refcount if requeue_pi() acquired the rtmutex (bsc#851603).\n- hpilo: Add support for iLO5 (bsc#999101).\n- hv: do not lose pending heartbeat vmbus packets (bnc#1006919).\n- hv: vmbus: avoid scheduling in interrupt context in vmbus_initiate_unload() (bnc#986337).\n- hv: vmbus: avoid wait_for_completion() on crash (bnc#986337).\n- hv: vmbus: do not loose HVMSG_TIMER_EXPIRED messages (bnc#986337).\n- hv: vmbus: do not send CHANNELMSG_UNLOAD on pre-Win2012R2 hosts (bnc#986337).\n- hv: vmbus: handle various crash scenarios (bnc#986337).\n- hv: vmbus: remove code duplication in message handling (bnc#986337).\n- hv: vss: run only on supported host versions (bnc#986337).\n- i40e: fix an uninitialized variable bug (bsc#909484).\n- ibmveth: calculate gso_segs for large packets (bsc#1019165, bsc#1019148).\n- ibmveth: set correct gso_size and gso_type (bsc#1019165, bsc#1019148).\n- igb: Enable SR-IOV configuration via PCI sysfs interface (bsc#909491).\n- igb: Fix NULL assignment to incorrect variable in igb_reset_q_vector (bsc#795297).\n- igb: Fix oops caused by missing queue pairing (bsc#909491).\n- igb: Fix oops on changing number of rings (bsc#909491).\n- igb: Remove unnecessary flag setting in igb_set_flag_queue_pairs() (bsc#909491).\n- igb: Unpair the queues when changing the number of queues (bsc#909491).\n- ipv6: replacing a rt6_info needs to purge possible propagated rt6_infos too (bsc#865783).\n- kabi-fix for flock_owner addition (bsc#998689).\n- kexec: add a kexec_crash_loaded() function (bsc#973691).\n- kvm: APIC: avoid instruction emulation for EOI writes (bsc#989680).\n- kvm: Distangle eventfd code from irqchip (bsc#989680).\n- kvm: Iterate over only vcpus that are preempted (bsc#989680).\n- kvm: Record the preemption status of vcpus using preempt notifiers (bsc#989680).\n- kvm: VMX: Pass vcpu to __vmx_complete_interrupts (bsc#989680).\n- kvm: fold kvm_pit_timer into kvm_kpit_state (bsc#989680).\n- kvm: make processes waiting on vcpu mutex killable (bsc#989680).\n- kvm: nVMX: Add preemption timer support (bsc#989680).\n- kvm: remove a wrong hack of delivery PIT intr to vcpu0 (bsc#989680).\n- kvm: use symbolic constant for nr interrupts (bsc#989680).\n- kvm: x86: Remove support for reporting coalesced APIC IRQs (bsc#989680).\n- kvm: x86: Run PIT work in own kthread (bsc#989680).\n- kvm: x86: limit difference between kvmclock updates (bsc#989680).\n- kvm: x86: only channel 0 of the i8254 is linked to the HPET (bsc#960689).\n- lib/vsprintf: implement bitmap printing through \u0027%*pb[l]\u0027 (bnc#1003866).\n- libata: introduce ata_host-\u003en_tags to avoid oops on SAS controllers (bsc#871728).\n- libata: remove n_tags to avoid kABI breakage (bsc#871728).\n- libata: support the ata host which implements a queue depth less than 32 (bsc#871728)\n- libfc: Do not take rdata-\u003erp_mutex when processing a -FC_EX_CLOSED ELS response (bsc#962846).\n- libfc: Fixup disc_mutex handling (bsc#962846).\n- libfc: Issue PRLI after a PRLO has been received (bsc#962846).\n- libfc: Revisit kref handling (bnc#990245).\n- libfc: Update rport reference counting (bsc#953233).\n- libfc: do not send ABTS when resetting exchanges (bsc#962846).\n- libfc: fixup locking of ptp_setup() (bsc#962846).\n- libfc: reset exchange manager during LOGO handling (bsc#962846).\n- libfc: send LOGO for PLOGI failure (bsc#962846).\n- locking/mutex: Explicitly mark task as running after wakeup (bsc#1012411).\n- md/raid10: Fix memory leak when raid10 reshape completes\n- md/raid10: always set reshape_safe when initializing reshape_position\n- md: Drop sending a change uevent when stopping (bsc#1003568).\n- md: check command validity early in md_ioctl() (bsc#1004520).\n- md: fix problem when adding device to read-only array with bitmap (bnc#771065).\n- memstick: mspro_block: add missing curly braces (bsc#1016688).\n- mlx4: add missing braces in verify_qp_parameters (bsc#786036).\n- mm, vmscan: Do not wait for page writeback for GFP_NOFS allocations (bnc#763198).\n- mm/memory.c: actually remap enough memory (bnc#1005903).\n- mm/memory_hotplug.c: check for missing sections in test_pages_in_a_zone() (bnc#961589).\n- mm: fix crashes from mbind() merging vmas (bnc#1005877).\n- mm: fix sleeping function warning from __put_anon_vma (bnc#1005857).\n- dcache: move the call of __d_drop(anon) into __d_materialise_unique(dentry, anon) (bsc#984194).\n- mpi: Fix NULL ptr dereference in mpi_powm() [ver #3] (bsc#1011820).\n- mremap: enforce rmap src/dst vma ordering in case of vma_merge() succeeding in copy_vma() (bsc#1008645).\n- mshyperv: fix recognition of Hyper-V guest crash MSR\u0027s (bnc#986337).\n- net/mlx4: Copy/set only sizeof struct mlx4_eqe bytes (bsc#786036).\n- net/mlx4_core: Allow resetting VF admin mac to zero (bsc#919382).\n- net/mlx4_core: Avoid returning success in case of an error flow (bsc#786036).\n- net/mlx4_core: Do not BUG_ON during reset when PCI is offline (bsc#924708).\n- net/mlx4_core: Do not access comm channel if it has not yet been initialized (bsc#924708 bsc#786036).\n- net/mlx4_core: Fix error message deprecation for ConnectX-2 cards (bug#919382).\n- net/mlx4_core: Fix the resource-type enum in res tracker to conform to FW spec (bsc#786036).\n- net/mlx4_core: Implement pci_resume callback (bsc#924708).\n- net/mlx4_core: Update the HCA core clock frequency after INIT_PORT (bug#919382).\n- net/mlx4_en: Choose time-stamping shift value according to HW frequency (bsc#919382).\n- net/mlx4_en: Fix HW timestamp init issue upon system startup (bsc#919382).\n- net/mlx4_en: Fix potential deadlock in port statistics flow (bsc#786036).\n- net/mlx4_en: Move filters cleanup to a proper location (bsc#786036).\n- net/mlx4_en: Remove dependency between timestamping capability and service_task (bsc#919382).\n- net/mlx4_en: fix spurious timestamping callbacks (bsc#919382).\n- netfilter: ipv4: defrag: set local_df flag on defragmented skb (bsc#907611).\n- netfront: do not truncate grant references.\n- netvsc: fix incorrect receive checksum offloading (bnc#1006917).\n- nfs4: reset states to use open_stateid when returning delegation voluntarily (bsc#1007944).\n- nfs: Fix an LOCK/OPEN race when unlinking an open file (bsc#956514).\n- nfsv4.1: Fix an NFSv4.1 state renewal regression (bnc#863873).\n- nfsv4: Cap the transport reconnection timer at 1/2 lease period (bsc#1014410).\n- nfsv4: Cleanup the setting of the nfs4 lease period (bsc#1014410).\n- nfsv4: Handle timeouts correctly when probing for lease validity (bsc#1014410).\n- nfsv4: add flock_owner to open context (bnc#998689).\n- nfsv4: change nfs4_do_setattr to take an open_context instead of a nfs4_state (bnc#998689).\n- nfsv4: change nfs4_select_rw_stateid to take a lock_context inplace of lock_owner (bnc#998689).\n- nfsv4: enhance nfs4_copy_lock_stateid to use a flock stateid if there is one (bnc#998689).\n- nvme: Automatic namespace rescan (bsc#1017686).\n- nvme: Metadata format support (bsc#1017686).\n- ocfs2: fix BUG_ON() in ocfs2_ci_checkpointed() (bnc#1019783).\n- oom: print nodemask in the oom report (bnc#1003866).\n- pci_ids: Add PCI device ID functions 3 and 4 for newer F15h models\n- pm / hibernate: Fix rtree_next_node() to avoid walking off list ends (bnc#860441).\n- posix-timers: Remove remaining uses of tasklist_lock (bnc#997401).\n- posix-timers: Use sighand lock instead of tasklist_lock for task clock sample (bnc#997401).\n- posix-timers: Use sighand lock instead of tasklist_lock on timer deletion (bnc#997401).\n- powerpc/64: Fix incorrect return value from __copy_tofrom_user (bsc#1005896).\n- powerpc/MSI: Fix race condition in tearing down MSI interrupts (bsc#1010201, [2016-10-04] Pending Base Kernel Fixes).\n- powerpc/mm/hash64: Fix subpage protection with 4K HPTE config (bsc#1010201, [2016-10-04] Pending Base Kernel Fixes).\n- powerpc/mm: Add 64TB support (bsc#928138,fate#319026).\n- powerpc/mm: Change the swap encoding in pte (bsc#973203).\n- powerpc/mm: Convert virtual address to vpn (bsc#928138,fate#319026).\n- powerpc/mm: Fix hash computation function (bsc#928138,fate#319026).\n- powerpc/mm: Increase the slice range to 64TB (bsc#928138,fate#319026).\n- powerpc/mm: Make KERN_VIRT_SIZE not dependend on PGTABLE_RANGE (bsc#928138,fate#319026).\n- powerpc/mm: Make some of the PGTABLE_RANGE dependency explicit (bsc#928138,fate#319026).\n- powerpc/mm: Replace open coded CONTEXT_BITS value (bsc#928138,fate#319026).\n- powerpc/mm: Simplify hpte_decode (bsc#928138,fate#319026).\n- powerpc/mm: Update VSID allocation documentation (bsc#928138,fate#319026).\n- powerpc/mm: Use 32bit array for slb cache (bsc#928138,fate#319026).\n- powerpc/mm: Use hpt_va to compute virtual address (bsc#928138,fate#319026).\n- powerpc/mm: Use the required number of VSID bits in slbmte (bsc#928138,fate#319026).\n- powerpc/numa: Fix multiple bugs in memory_hotplug_max() (bsc#1010201, [2016-10-04] Pending Base Kernel Fixes).\n- powerpc/pseries: Use H_CLEAR_HPT to clear MMU hash table during kexec (bsc#1003813).\n- powerpc: Add ability to build little endian kernels (bsc#967716).\n- powerpc: Avoid load of static chain register when calling nested functions through a pointer on 64bit (bsc#967716).\n- powerpc: Build fix for powerpc KVM (bsc#928138,fate#319026).\n- powerpc: Do not build assembly files with ABIv2 (bsc#967716).\n- powerpc: Do not use ELFv2 ABI to build the kernel (bsc#967716).\n- powerpc: Fix 64 bit builds with binutils 2.24 (bsc#967716).\n- powerpc: Fix error when cross building TAGS \u0026 cscope (bsc#967716).\n- powerpc: Make VSID_BITS* dependency explicit (bsc#928138,fate#319026).\n- powerpc: Make the vdso32 also build big-endian (bsc#967716).\n- powerpc: Move kdump default base address to half RMO size on 64bit (bsc#1003344).\n- powerpc: Remove altivec fix for gcc versions before 4.0 (bsc#967716).\n- powerpc: Remove buggy 9-year-old test for binutils \u003c 2.12.1 (bsc#967716).\n- powerpc: Rename USER_ESID_BITS* to ESID_BITS* (bsc#928138,fate#319026).\n- powerpc: Require gcc 4.0 on 64-bit (bsc#967716).\n- powerpc: Update kernel VSID range (bsc#928138,fate#319026).\n- powerpc: blacklist fixes for unsupported subarchitectures ppc32 only: 6e0fdf9af216 powerpc: fix typo \u0027CONFIG_PMAC\u0027\n obscure hardware: f7e9e3583625 powerpc: Fix missing L2 cache size in /sys/devices/system/cpu\n- powerpc: dtc is required to build dtb files (bsc#967716).\n- powerpc: fix typo \u0027CONFIG_PPC_CPU\u0027 (bsc#1010201, [2016-10-04] Pending Base Kernel Fixes).\n- powerpc: scan_features() updates incorrect bits for REAL_LE (bsc#1010201, [2016-10-04] Pending Base Kernel Fixes).\n- printk/sched: Introduce special printk_sched() for those awkward (bsc#1013042, bsc#996541, bsc#1015878).\n- ptrace: __ptrace_may_access() should not deny sub-threads (bsc#1012851).\n- qlcnic: fix a loop exit condition better (bsc#909350).\n- qlcnic: fix a timeout loop (bsc#909350)\n- qlcnic: use the correct ring in qlcnic_83xx_process_rcv_ring_diag() (bnc#800999).\n- reiserfs: fix race in prealloc discard (bsc#987576).\n- rpm/constraints.in: Bump ppc64 disk requirements to fix OBS builds again\n- rpm/kernel-binary.spec.in: Export a make-stderr.log file (bsc#1012422)\n- rpm/package-descriptions: add -bigmem description\n- rt2x00: fix rfkill regression on rt2500pci (bnc#748806).\n- s390/cio: fix accidental interrupt enabling during resume (bnc#1003677, LTC#147606).\n- s390/time: LPAR offset handling (bnc#1003677, LTC#146920).\n- s390/time: move PTFF definitions (bnc#1003677, LTC#146920).\n- scsi: lpfc: Set elsiocb contexts to NULL after freeing it (bsc#996557).\n- scsi: lpfc: avoid double free of resource identifiers (bsc#989896).\n- scsi: zfcp: spin_lock_irqsave() is not nestable (bsc#1003677,LTC#147374).\n- scsi_error: count medium access timeout only once per EH run (bsc#993832).\n- scsi_error: fixup crash in scsi_eh_reset (bsc#993832)\n- serial: 8250_pci: Detach low-level driver during PCI error recovery (bsc#1013070).\n- sfc: on MC reset, clear PIO buffer linkage in TXQs (bsc#909618).\n- softirq: sirq threads raising another sirq delegate to the proper thread Otherwise, high priority timer threads expend\n cycles precessing other sirqs, potentially increasing wakeup latencies as thes process sirqs at a priority other than\n the priority specified by the user.\n- sunrpc/cache: drop reference when sunrpc_cache_pipe_upcall() detects a race (bnc#803320).\n- sunrpc: Enforce an upper limit on the number of cached credentials (bsc#1012917).\n- sunrpc: Fix reconnection timeouts (bsc#1014410).\n- sunrpc: Fix two issues with drop_caches and the sunrpc auth cache (bsc#1012917).\n- sunrpc: Limit the reconnect backoff timer to the max RPC message timeout (bsc#1014410).\n- tcp: fix inet6_csk_route_req() for link-local addresses (bsc#1010175).\n- tcp: pass fl6 to inet6_csk_route_req() (bsc#1010175).\n- tcp: plug dst leak in tcp_v6_conn_request() (bsc#1010175).\n- tcp: use inet6_csk_route_req() in tcp_v6_send_synack() (bsc#1010175).\n- tg3: Avoid NULL pointer dereference in tg3_io_error_detected() (bsc#908458).\n- tg3: Fix temperature reporting (bnc#790588).\n- tty: Signal SIGHUP before hanging up ldisc (bnc#989764).\n- usb: console: fix potential use after free (bsc#1015817).\n- usb: console: fix uninitialised ldisc semaphore (bsc#1015817).\n- usb: cp210x: Corrected USB request type definitions (bsc#1015932).\n- usb: cp210x: relocate private data from USB interface to port (bsc#1015932).\n- usb: cp210x: work around cp2108 GET_LINE_CTL bug (bsc#1015932).\n- usb: ftdi_sio: fix null deref at port probe (bsc#1015796).\n- usb: hub: Fix auto-remount of safely removed or ejected USB-3 devices (bsc#922634).\n- usb: hub: Fix unbalanced reference count/memory leak/deadlocks (bsc#968010).\n- usb: ipaq.c: fix a timeout loop (bsc#1015848).\n- usb: opticon: fix non-atomic allocation in write path (bsc#1015803).\n- usb: option: fix runtime PM handling (bsc#1015752).\n- usb: serial: cp210x: add 16-bit register access functions (bsc#1015932).\n- usb: serial: cp210x: add 8-bit and 32-bit register access functions (bsc#1015932).\n- usb: serial: cp210x: add new access functions for large registers (bsc#1015932).\n- usb: serial: cp210x: fix hardware flow-control disable (bsc#1015932).\n- usb: serial: fix potential use-after-free after failed probe (bsc#1015828).\n- usb: serial: io_edgeport: fix memory leaks in attach error path (bsc#1016505).\n- usb: serial: io_edgeport: fix memory leaks in probe error path (bsc#1016505).\n- usb: serial: keyspan: fix use-after-free in probe error path (bsc#1016520).\n- usb: sierra: fix AA deadlock in open error path (bsc#1015561).\n- usb: sierra: fix remote wakeup (bsc#1015561).\n- usb: sierra: fix urb and memory leak in resume error path (bsc#1015561).\n- usb: sierra: fix urb and memory leak on disconnect (bsc#1015561).\n- usb: sierra: fix use after free at suspend/resume (bsc#1015561).\n- usb: usb_wwan: fix potential blocked I/O after resume (bsc#1015760).\n- usb: usb_wwan: fix race between write and resume (bsc#1015760).\n- usb: usb_wwan: fix urb leak at shutdown (bsc#1015760).\n- usb: usb_wwan: fix urb leak in write error path (bsc#1015760).\n- usb: usb_wwan: fix write and suspend race (bsc#1015760).\n- usbhid: add ATEN CS962 to list of quirky devices (bsc#1007615).\n- usblp: do not set TASK_INTERRUPTIBLE before lock (bsc#1015844).\n- vmxnet3: Wake queue from reset work (bsc#999907).\n- x86, amd_nb: Clarify F15h, model 30h GART and L3 support\n- x86/MCE/intel: Cleanup CMCI storm logic (bsc#929141).\n- x86/asm/traps: Disable tracing and kprobes in fixup_bad_iret and sync_regs (bsc#909077).\n- x86/cpu/amd: Set X86_FEATURE_EXTD_APICID for future processors\n- x86/gart: Check for GART support before accessing GART registers\n- xenbus: do not invoke -\u003eis_ready() for most device states (bsc#987333).\n- zcrypt: Fix hang condition on crypto card config-off (bsc#1016320).\n- zcrypt: Fix invalid domain response handling (bsc#1016320).\n- zfcp: Fix erratic device offline during EH (bsc#993832).\n- zfcp: close window with unblocked rport during rport gone (bnc#1003677).\n- zfcp: fix D_ID field with actual value on tracing SAN responses (bnc#1003677).\n- zfcp: fix ELS/GS request\u0026response length for hardware data router (bnc#1003677).\n- zfcp: fix payload trace length for SAN request\u0026response (bnc#1003677).\n- zfcp: restore tracing of handle for port and LUN with HBA records (bnc#1003677).\n- zfcp: restore: Dont use 0 to indicate invalid LUN in rec trace (bnc#1003677).\n- zfcp: retain trace level for SCSI and HBA FSF response records (bnc#1003677).\n- zfcp: trace full payload of all SAN records (req,resp,iels) (bnc#1003677).\n- zfcp: trace on request for open and close of WKA port (bnc#1003677).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "slertesp4-kernel-13074",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_1102-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:1102-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20171102-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:1102-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-April/002828.html"
},
{
"category": "self",
"summary": "SUSE Bug 1003077",
"url": "https://bugzilla.suse.com/1003077"
},
{
"category": "self",
"summary": "SUSE Bug 1003344",
"url": "https://bugzilla.suse.com/1003344"
},
{
"category": "self",
"summary": "SUSE Bug 1003568",
"url": "https://bugzilla.suse.com/1003568"
},
{
"category": "self",
"summary": "SUSE Bug 1003677",
"url": "https://bugzilla.suse.com/1003677"
},
{
"category": "self",
"summary": "SUSE Bug 1003813",
"url": "https://bugzilla.suse.com/1003813"
},
{
"category": "self",
"summary": "SUSE Bug 1003866",
"url": "https://bugzilla.suse.com/1003866"
},
{
"category": "self",
"summary": "SUSE Bug 1003925",
"url": "https://bugzilla.suse.com/1003925"
},
{
"category": "self",
"summary": "SUSE Bug 1004517",
"url": "https://bugzilla.suse.com/1004517"
},
{
"category": "self",
"summary": "SUSE Bug 1004520",
"url": "https://bugzilla.suse.com/1004520"
},
{
"category": "self",
"summary": "SUSE Bug 1005857",
"url": "https://bugzilla.suse.com/1005857"
},
{
"category": "self",
"summary": "SUSE Bug 1005877",
"url": "https://bugzilla.suse.com/1005877"
},
{
"category": "self",
"summary": "SUSE Bug 1005896",
"url": "https://bugzilla.suse.com/1005896"
},
{
"category": "self",
"summary": "SUSE Bug 1005903",
"url": "https://bugzilla.suse.com/1005903"
},
{
"category": "self",
"summary": "SUSE Bug 1006917",
"url": "https://bugzilla.suse.com/1006917"
},
{
"category": "self",
"summary": "SUSE Bug 1006919",
"url": "https://bugzilla.suse.com/1006919"
},
{
"category": "self",
"summary": "SUSE Bug 1007615",
"url": "https://bugzilla.suse.com/1007615"
},
{
"category": "self",
"summary": "SUSE Bug 1007944",
"url": "https://bugzilla.suse.com/1007944"
},
{
"category": "self",
"summary": "SUSE Bug 1008557",
"url": "https://bugzilla.suse.com/1008557"
},
{
"category": "self",
"summary": "SUSE Bug 1008645",
"url": "https://bugzilla.suse.com/1008645"
},
{
"category": "self",
"summary": "SUSE Bug 1008831",
"url": "https://bugzilla.suse.com/1008831"
},
{
"category": "self",
"summary": "SUSE Bug 1008833",
"url": "https://bugzilla.suse.com/1008833"
},
{
"category": "self",
"summary": "SUSE Bug 1008893",
"url": "https://bugzilla.suse.com/1008893"
},
{
"category": "self",
"summary": "SUSE Bug 1009875",
"url": "https://bugzilla.suse.com/1009875"
},
{
"category": "self",
"summary": "SUSE Bug 1010150",
"url": "https://bugzilla.suse.com/1010150"
},
{
"category": "self",
"summary": "SUSE Bug 1010175",
"url": "https://bugzilla.suse.com/1010175"
},
{
"category": "self",
"summary": "SUSE Bug 1010201",
"url": "https://bugzilla.suse.com/1010201"
},
{
"category": "self",
"summary": "SUSE Bug 1010467",
"url": "https://bugzilla.suse.com/1010467"
},
{
"category": "self",
"summary": "SUSE Bug 1010501",
"url": "https://bugzilla.suse.com/1010501"
},
{
"category": "self",
"summary": "SUSE Bug 1010507",
"url": "https://bugzilla.suse.com/1010507"
},
{
"category": "self",
"summary": "SUSE Bug 1010711",
"url": "https://bugzilla.suse.com/1010711"
},
{
"category": "self",
"summary": "SUSE Bug 1010716",
"url": "https://bugzilla.suse.com/1010716"
},
{
"category": "self",
"summary": "SUSE Bug 1011685",
"url": "https://bugzilla.suse.com/1011685"
},
{
"category": "self",
"summary": "SUSE Bug 1011820",
"url": "https://bugzilla.suse.com/1011820"
},
{
"category": "self",
"summary": "SUSE Bug 1012411",
"url": "https://bugzilla.suse.com/1012411"
},
{
"category": "self",
"summary": "SUSE Bug 1012422",
"url": "https://bugzilla.suse.com/1012422"
},
{
"category": "self",
"summary": "SUSE Bug 1012832",
"url": "https://bugzilla.suse.com/1012832"
},
{
"category": "self",
"summary": "SUSE Bug 1012851",
"url": "https://bugzilla.suse.com/1012851"
},
{
"category": "self",
"summary": "SUSE Bug 1012917",
"url": "https://bugzilla.suse.com/1012917"
},
{
"category": "self",
"summary": "SUSE Bug 1013018",
"url": "https://bugzilla.suse.com/1013018"
},
{
"category": "self",
"summary": "SUSE Bug 1013038",
"url": "https://bugzilla.suse.com/1013038"
},
{
"category": "self",
"summary": "SUSE Bug 1013042",
"url": "https://bugzilla.suse.com/1013042"
},
{
"category": "self",
"summary": "SUSE Bug 1013070",
"url": "https://bugzilla.suse.com/1013070"
},
{
"category": "self",
"summary": "SUSE Bug 1013531",
"url": "https://bugzilla.suse.com/1013531"
},
{
"category": "self",
"summary": "SUSE Bug 1013533",
"url": "https://bugzilla.suse.com/1013533"
},
{
"category": "self",
"summary": "SUSE Bug 1013542",
"url": "https://bugzilla.suse.com/1013542"
},
{
"category": "self",
"summary": "SUSE Bug 1013604",
"url": "https://bugzilla.suse.com/1013604"
},
{
"category": "self",
"summary": "SUSE Bug 1014410",
"url": "https://bugzilla.suse.com/1014410"
},
{
"category": "self",
"summary": "SUSE Bug 1014454",
"url": "https://bugzilla.suse.com/1014454"
},
{
"category": "self",
"summary": "SUSE Bug 1014746",
"url": "https://bugzilla.suse.com/1014746"
},
{
"category": "self",
"summary": "SUSE Bug 1015561",
"url": "https://bugzilla.suse.com/1015561"
},
{
"category": "self",
"summary": "SUSE Bug 1015752",
"url": "https://bugzilla.suse.com/1015752"
},
{
"category": "self",
"summary": "SUSE Bug 1015760",
"url": "https://bugzilla.suse.com/1015760"
},
{
"category": "self",
"summary": "SUSE Bug 1015796",
"url": "https://bugzilla.suse.com/1015796"
},
{
"category": "self",
"summary": "SUSE Bug 1015803",
"url": "https://bugzilla.suse.com/1015803"
},
{
"category": "self",
"summary": "SUSE Bug 1015817",
"url": "https://bugzilla.suse.com/1015817"
},
{
"category": "self",
"summary": "SUSE Bug 1015828",
"url": "https://bugzilla.suse.com/1015828"
},
{
"category": "self",
"summary": "SUSE Bug 1015844",
"url": "https://bugzilla.suse.com/1015844"
},
{
"category": "self",
"summary": "SUSE Bug 1015848",
"url": "https://bugzilla.suse.com/1015848"
},
{
"category": "self",
"summary": "SUSE Bug 1015878",
"url": "https://bugzilla.suse.com/1015878"
},
{
"category": "self",
"summary": "SUSE Bug 1015932",
"url": "https://bugzilla.suse.com/1015932"
},
{
"category": "self",
"summary": "SUSE Bug 1016320",
"url": "https://bugzilla.suse.com/1016320"
},
{
"category": "self",
"summary": "SUSE Bug 1016505",
"url": "https://bugzilla.suse.com/1016505"
},
{
"category": "self",
"summary": "SUSE Bug 1016520",
"url": "https://bugzilla.suse.com/1016520"
},
{
"category": "self",
"summary": "SUSE Bug 1016668",
"url": "https://bugzilla.suse.com/1016668"
},
{
"category": "self",
"summary": "SUSE Bug 1016688",
"url": "https://bugzilla.suse.com/1016688"
},
{
"category": "self",
"summary": "SUSE Bug 1016824",
"url": "https://bugzilla.suse.com/1016824"
},
{
"category": "self",
"summary": "SUSE Bug 1016831",
"url": "https://bugzilla.suse.com/1016831"
},
{
"category": "self",
"summary": "SUSE Bug 1017686",
"url": "https://bugzilla.suse.com/1017686"
},
{
"category": "self",
"summary": "SUSE Bug 1017710",
"url": "https://bugzilla.suse.com/1017710"
},
{
"category": "self",
"summary": "SUSE Bug 1019148",
"url": "https://bugzilla.suse.com/1019148"
},
{
"category": "self",
"summary": "SUSE Bug 1019165",
"url": "https://bugzilla.suse.com/1019165"
},
{
"category": "self",
"summary": "SUSE Bug 1019348",
"url": "https://bugzilla.suse.com/1019348"
},
{
"category": "self",
"summary": "SUSE Bug 1019783",
"url": "https://bugzilla.suse.com/1019783"
},
{
"category": "self",
"summary": "SUSE Bug 1020214",
"url": "https://bugzilla.suse.com/1020214"
},
{
"category": "self",
"summary": "SUSE Bug 1021258",
"url": "https://bugzilla.suse.com/1021258"
},
{
"category": "self",
"summary": "SUSE Bug 748806",
"url": "https://bugzilla.suse.com/748806"
},
{
"category": "self",
"summary": "SUSE Bug 763198",
"url": "https://bugzilla.suse.com/763198"
},
{
"category": "self",
"summary": "SUSE Bug 771065",
"url": "https://bugzilla.suse.com/771065"
},
{
"category": "self",
"summary": "SUSE Bug 786036",
"url": "https://bugzilla.suse.com/786036"
},
{
"category": "self",
"summary": "SUSE Bug 790588",
"url": "https://bugzilla.suse.com/790588"
},
{
"category": "self",
"summary": "SUSE Bug 795297",
"url": "https://bugzilla.suse.com/795297"
},
{
"category": "self",
"summary": "SUSE Bug 799133",
"url": "https://bugzilla.suse.com/799133"
},
{
"category": "self",
"summary": "SUSE Bug 800999",
"url": "https://bugzilla.suse.com/800999"
},
{
"category": "self",
"summary": "SUSE Bug 803320",
"url": "https://bugzilla.suse.com/803320"
},
{
"category": "self",
"summary": "SUSE Bug 821612",
"url": "https://bugzilla.suse.com/821612"
},
{
"category": "self",
"summary": "SUSE Bug 824171",
"url": "https://bugzilla.suse.com/824171"
},
{
"category": "self",
"summary": "SUSE Bug 851603",
"url": "https://bugzilla.suse.com/851603"
},
{
"category": "self",
"summary": "SUSE Bug 853052",
"url": "https://bugzilla.suse.com/853052"
},
{
"category": "self",
"summary": "SUSE Bug 860441",
"url": "https://bugzilla.suse.com/860441"
},
{
"category": "self",
"summary": "SUSE Bug 863873",
"url": "https://bugzilla.suse.com/863873"
},
{
"category": "self",
"summary": "SUSE Bug 865783",
"url": "https://bugzilla.suse.com/865783"
},
{
"category": "self",
"summary": "SUSE Bug 871728",
"url": "https://bugzilla.suse.com/871728"
},
{
"category": "self",
"summary": "SUSE Bug 901809",
"url": "https://bugzilla.suse.com/901809"
},
{
"category": "self",
"summary": "SUSE Bug 907611",
"url": "https://bugzilla.suse.com/907611"
},
{
"category": "self",
"summary": "SUSE Bug 908458",
"url": "https://bugzilla.suse.com/908458"
},
{
"category": "self",
"summary": "SUSE Bug 908684",
"url": "https://bugzilla.suse.com/908684"
},
{
"category": "self",
"summary": "SUSE Bug 909077",
"url": "https://bugzilla.suse.com/909077"
},
{
"category": "self",
"summary": "SUSE Bug 909350",
"url": "https://bugzilla.suse.com/909350"
},
{
"category": "self",
"summary": "SUSE Bug 909484",
"url": "https://bugzilla.suse.com/909484"
},
{
"category": "self",
"summary": "SUSE Bug 909491",
"url": "https://bugzilla.suse.com/909491"
},
{
"category": "self",
"summary": "SUSE Bug 909618",
"url": "https://bugzilla.suse.com/909618"
},
{
"category": "self",
"summary": "SUSE Bug 913387",
"url": "https://bugzilla.suse.com/913387"
},
{
"category": "self",
"summary": "SUSE Bug 914939",
"url": "https://bugzilla.suse.com/914939"
},
{
"category": "self",
"summary": "SUSE Bug 919382",
"url": "https://bugzilla.suse.com/919382"
},
{
"category": "self",
"summary": "SUSE Bug 922634",
"url": "https://bugzilla.suse.com/922634"
},
{
"category": "self",
"summary": "SUSE Bug 924708",
"url": "https://bugzilla.suse.com/924708"
},
{
"category": "self",
"summary": "SUSE Bug 925065",
"url": "https://bugzilla.suse.com/925065"
},
{
"category": "self",
"summary": "SUSE Bug 928138",
"url": "https://bugzilla.suse.com/928138"
},
{
"category": "self",
"summary": "SUSE Bug 929141",
"url": "https://bugzilla.suse.com/929141"
},
{
"category": "self",
"summary": "SUSE Bug 953233",
"url": "https://bugzilla.suse.com/953233"
},
{
"category": "self",
"summary": "SUSE Bug 956514",
"url": "https://bugzilla.suse.com/956514"
},
{
"category": "self",
"summary": "SUSE Bug 960689",
"url": "https://bugzilla.suse.com/960689"
},
{
"category": "self",
"summary": "SUSE Bug 961589",
"url": "https://bugzilla.suse.com/961589"
},
{
"category": "self",
"summary": "SUSE Bug 962846",
"url": "https://bugzilla.suse.com/962846"
},
{
"category": "self",
"summary": "SUSE Bug 963655",
"url": "https://bugzilla.suse.com/963655"
},
{
"category": "self",
"summary": "SUSE Bug 967716",
"url": "https://bugzilla.suse.com/967716"
},
{
"category": "self",
"summary": "SUSE Bug 968010",
"url": "https://bugzilla.suse.com/968010"
},
{
"category": "self",
"summary": "SUSE Bug 969340",
"url": "https://bugzilla.suse.com/969340"
},
{
"category": "self",
"summary": "SUSE Bug 973203",
"url": "https://bugzilla.suse.com/973203"
},
{
"category": "self",
"summary": "SUSE Bug 973691",
"url": "https://bugzilla.suse.com/973691"
},
{
"category": "self",
"summary": "SUSE Bug 979681",
"url": "https://bugzilla.suse.com/979681"
},
{
"category": "self",
"summary": "SUSE Bug 984194",
"url": "https://bugzilla.suse.com/984194"
},
{
"category": "self",
"summary": "SUSE Bug 986337",
"url": "https://bugzilla.suse.com/986337"
},
{
"category": "self",
"summary": "SUSE Bug 987333",
"url": "https://bugzilla.suse.com/987333"
},
{
"category": "self",
"summary": "SUSE Bug 987576",
"url": "https://bugzilla.suse.com/987576"
},
{
"category": "self",
"summary": "SUSE Bug 989152",
"url": "https://bugzilla.suse.com/989152"
},
{
"category": "self",
"summary": "SUSE Bug 989680",
"url": "https://bugzilla.suse.com/989680"
},
{
"category": "self",
"summary": "SUSE Bug 989764",
"url": "https://bugzilla.suse.com/989764"
},
{
"category": "self",
"summary": "SUSE Bug 989896",
"url": "https://bugzilla.suse.com/989896"
},
{
"category": "self",
"summary": "SUSE Bug 990245",
"url": "https://bugzilla.suse.com/990245"
},
{
"category": "self",
"summary": "SUSE Bug 992566",
"url": "https://bugzilla.suse.com/992566"
},
{
"category": "self",
"summary": "SUSE Bug 992991",
"url": "https://bugzilla.suse.com/992991"
},
{
"category": "self",
"summary": "SUSE Bug 993739",
"url": "https://bugzilla.suse.com/993739"
},
{
"category": "self",
"summary": "SUSE Bug 993832",
"url": "https://bugzilla.suse.com/993832"
},
{
"category": "self",
"summary": "SUSE Bug 995968",
"url": "https://bugzilla.suse.com/995968"
},
{
"category": "self",
"summary": "SUSE Bug 996541",
"url": "https://bugzilla.suse.com/996541"
},
{
"category": "self",
"summary": "SUSE Bug 996557",
"url": "https://bugzilla.suse.com/996557"
},
{
"category": "self",
"summary": "SUSE Bug 997401",
"url": "https://bugzilla.suse.com/997401"
},
{
"category": "self",
"summary": "SUSE Bug 998689",
"url": "https://bugzilla.suse.com/998689"
},
{
"category": "self",
"summary": "SUSE Bug 999101",
"url": "https://bugzilla.suse.com/999101"
},
{
"category": "self",
"summary": "SUSE Bug 999907",
"url": "https://bugzilla.suse.com/999907"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2004-0230 page",
"url": "https://www.suse.com/security/cve/CVE-2004-0230/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-6704 page",
"url": "https://www.suse.com/security/cve/CVE-2012-6704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6368 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6368/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-1350 page",
"url": "https://www.suse.com/security/cve/CVE-2015-1350/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8956 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8962 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8964 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10088 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3841 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5696 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5696/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7042 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7042/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7097 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7097/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7117 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7117/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7910 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7910/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7911 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7916 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7916/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8399 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8399/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8632 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8632/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8633 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8633/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8646 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8646/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9555 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9576 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9685 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9685/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9756 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9793 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9794 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5551 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5551/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2017-04-25T14:34:26Z",
"generator": {
"date": "2017-04-25T14:34:26Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:1102-1",
"initial_release_date": "2017-04-25T14:34:26Z",
"revision_history": [
{
"date": "2017-04-25T14:34:26Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-3.0.101.rt130-68.1.x86_64",
"product": {
"name": "kernel-rt-3.0.101.rt130-68.1.x86_64",
"product_id": "kernel-rt-3.0.101.rt130-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"product": {
"name": "kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"product_id": "kernel-rt-base-3.0.101.rt130-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"product": {
"name": "kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"product_id": "kernel-rt-devel-3.0.101.rt130-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"product": {
"name": "kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"product_id": "kernel-rt_trace-3.0.101.rt130-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"product": {
"name": "kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"product_id": "kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"product": {
"name": "kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"product_id": "kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"product": {
"name": "kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"product_id": "kernel-source-rt-3.0.101.rt130-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-3.0.101.rt130-68.1.x86_64",
"product": {
"name": "kernel-syms-rt-3.0.101.rt130-68.1.x86_64",
"product_id": "kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Real Time 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/a:suse:suse-linux-enterprise-rt:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-3.0.101.rt130-68.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64"
},
"product_reference": "kernel-rt-3.0.101.rt130-68.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-base-3.0.101.rt130-68.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64"
},
"product_reference": "kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-3.0.101.rt130-68.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64"
},
"product_reference": "kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_trace-3.0.101.rt130-68.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64"
},
"product_reference": "kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64"
},
"product_reference": "kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64"
},
"product_reference": "kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-3.0.101.rt130-68.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64"
},
"product_reference": "kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-3.0.101.rt130-68.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
},
"product_reference": "kernel-syms-rt-3.0.101.rt130-68.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2004-0230",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2004-0230"
}
],
"notes": [
{
"category": "general",
"text": "TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2004-0230",
"url": "https://www.suse.com/security/cve/CVE-2004-0230"
},
{
"category": "external",
"summary": "SUSE Bug 1184394 for CVE-2004-0230",
"url": "https://bugzilla.suse.com/1184394"
},
{
"category": "external",
"summary": "SUSE Bug 1198501 for CVE-2004-0230",
"url": "https://bugzilla.suse.com/1198501"
},
{
"category": "external",
"summary": "SUSE Bug 1206598 for CVE-2004-0230",
"url": "https://bugzilla.suse.com/1206598"
},
{
"category": "external",
"summary": "SUSE Bug 969340 for CVE-2004-0230",
"url": "https://bugzilla.suse.com/969340"
},
{
"category": "external",
"summary": "SUSE Bug 989152 for CVE-2004-0230",
"url": "https://bugzilla.suse.com/989152"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2004-0230",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "low"
}
],
"title": "CVE-2004-0230"
},
{
"cve": "CVE-2012-6704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-6704"
}
],
"notes": [
{
"category": "general",
"text": "The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUF or (2) SO_RCVBUF option.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-6704",
"url": "https://www.suse.com/security/cve/CVE-2012-6704"
},
{
"category": "external",
"summary": "SUSE Bug 1013531 for CVE-2012-6704",
"url": "https://bugzilla.suse.com/1013531"
},
{
"category": "external",
"summary": "SUSE Bug 1013542 for CVE-2012-6704",
"url": "https://bugzilla.suse.com/1013542"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2012-6704",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2012-6704"
},
{
"cve": "CVE-2013-6368",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6368"
}
],
"notes": [
{
"category": "general",
"text": "The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6368",
"url": "https://www.suse.com/security/cve/CVE-2013-6368"
},
{
"category": "external",
"summary": "SUSE Bug 853052 for CVE-2013-6368",
"url": "https://bugzilla.suse.com/853052"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2013-6368"
},
{
"cve": "CVE-2015-1350",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-1350"
}
],
"notes": [
{
"category": "general",
"text": "The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-1350",
"url": "https://www.suse.com/security/cve/CVE-2015-1350"
},
{
"category": "external",
"summary": "SUSE Bug 1052256 for CVE-2015-1350",
"url": "https://bugzilla.suse.com/1052256"
},
{
"category": "external",
"summary": "SUSE Bug 914939 for CVE-2015-1350",
"url": "https://bugzilla.suse.com/914939"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2015-1350"
},
{
"cve": "CVE-2015-8956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8956"
}
],
"notes": [
{
"category": "general",
"text": "The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8956",
"url": "https://www.suse.com/security/cve/CVE-2015-8956"
},
{
"category": "external",
"summary": "SUSE Bug 1003925 for CVE-2015-8956",
"url": "https://bugzilla.suse.com/1003925"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2015-8956"
},
{
"cve": "CVE-2015-8962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8962"
}
],
"notes": [
{
"category": "general",
"text": "Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8962",
"url": "https://www.suse.com/security/cve/CVE-2015-8962"
},
{
"category": "external",
"summary": "SUSE Bug 1010501 for CVE-2015-8962",
"url": "https://bugzilla.suse.com/1010501"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2015-8962",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "important"
}
],
"title": "CVE-2015-8962"
},
{
"cve": "CVE-2015-8964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8964"
}
],
"notes": [
{
"category": "general",
"text": "The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive information from kernel memory by reading a tty data structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8964",
"url": "https://www.suse.com/security/cve/CVE-2015-8964"
},
{
"category": "external",
"summary": "SUSE Bug 1010507 for CVE-2015-8964",
"url": "https://bugzilla.suse.com/1010507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "low"
}
],
"title": "CVE-2015-8964"
},
{
"cve": "CVE-2016-10088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10088"
}
],
"notes": [
{
"category": "general",
"text": "The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10088",
"url": "https://www.suse.com/security/cve/CVE-2016-10088"
},
{
"category": "external",
"summary": "SUSE Bug 1013604 for CVE-2016-10088",
"url": "https://bugzilla.suse.com/1013604"
},
{
"category": "external",
"summary": "SUSE Bug 1014271 for CVE-2016-10088",
"url": "https://bugzilla.suse.com/1014271"
},
{
"category": "external",
"summary": "SUSE Bug 1017710 for CVE-2016-10088",
"url": "https://bugzilla.suse.com/1017710"
},
{
"category": "external",
"summary": "SUSE Bug 1019079 for CVE-2016-10088",
"url": "https://bugzilla.suse.com/1019079"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-10088",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "important"
}
],
"title": "CVE-2016-10088"
},
{
"cve": "CVE-2016-3841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3841"
}
],
"notes": [
{
"category": "general",
"text": "The IPv6 stack in the Linux kernel before 4.3.3 mishandles options data, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3841",
"url": "https://www.suse.com/security/cve/CVE-2016-3841"
},
{
"category": "external",
"summary": "SUSE Bug 1052256 for CVE-2016-3841",
"url": "https://bugzilla.suse.com/1052256"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-3841",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 992566 for CVE-2016-3841",
"url": "https://bugzilla.suse.com/992566"
},
{
"category": "external",
"summary": "SUSE Bug 992569 for CVE-2016-3841",
"url": "https://bugzilla.suse.com/992569"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-3841"
},
{
"cve": "CVE-2016-5696",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5696"
}
],
"notes": [
{
"category": "general",
"text": "net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5696",
"url": "https://www.suse.com/security/cve/CVE-2016-5696"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-5696",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1175721 for CVE-2016-5696",
"url": "https://bugzilla.suse.com/1175721"
},
{
"category": "external",
"summary": "SUSE Bug 989152 for CVE-2016-5696",
"url": "https://bugzilla.suse.com/989152"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-5696"
},
{
"cve": "CVE-2016-7042",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7042"
}
],
"notes": [
{
"category": "general",
"text": "The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7042",
"url": "https://www.suse.com/security/cve/CVE-2016-7042"
},
{
"category": "external",
"summary": "SUSE Bug 1004517 for CVE-2016-7042",
"url": "https://bugzilla.suse.com/1004517"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-7042"
},
{
"cve": "CVE-2016-7097",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7097"
}
],
"notes": [
{
"category": "general",
"text": "The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7097",
"url": "https://www.suse.com/security/cve/CVE-2016-7097"
},
{
"category": "external",
"summary": "SUSE Bug 1021258 for CVE-2016-7097",
"url": "https://bugzilla.suse.com/1021258"
},
{
"category": "external",
"summary": "SUSE Bug 1052256 for CVE-2016-7097",
"url": "https://bugzilla.suse.com/1052256"
},
{
"category": "external",
"summary": "SUSE Bug 870618 for CVE-2016-7097",
"url": "https://bugzilla.suse.com/870618"
},
{
"category": "external",
"summary": "SUSE Bug 995968 for CVE-2016-7097",
"url": "https://bugzilla.suse.com/995968"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "low"
}
],
"title": "CVE-2016-7097"
},
{
"cve": "CVE-2016-7117",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7117"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7117",
"url": "https://www.suse.com/security/cve/CVE-2016-7117"
},
{
"category": "external",
"summary": "SUSE Bug 1003077 for CVE-2016-7117",
"url": "https://bugzilla.suse.com/1003077"
},
{
"category": "external",
"summary": "SUSE Bug 1003253 for CVE-2016-7117",
"url": "https://bugzilla.suse.com/1003253"
},
{
"category": "external",
"summary": "SUSE Bug 1057478 for CVE-2016-7117",
"url": "https://bugzilla.suse.com/1057478"
},
{
"category": "external",
"summary": "SUSE Bug 1071943 for CVE-2016-7117",
"url": "https://bugzilla.suse.com/1071943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-7117"
},
{
"cve": "CVE-2016-7910",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7910"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7910",
"url": "https://www.suse.com/security/cve/CVE-2016-7910"
},
{
"category": "external",
"summary": "SUSE Bug 1010716 for CVE-2016-7910",
"url": "https://bugzilla.suse.com/1010716"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-7910",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 1196722 for CVE-2016-7910",
"url": "https://bugzilla.suse.com/1196722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "important"
}
],
"title": "CVE-2016-7910"
},
{
"cve": "CVE-2016-7911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7911"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7911",
"url": "https://www.suse.com/security/cve/CVE-2016-7911"
},
{
"category": "external",
"summary": "SUSE Bug 1010711 for CVE-2016-7911",
"url": "https://bugzilla.suse.com/1010711"
},
{
"category": "external",
"summary": "SUSE Bug 1010713 for CVE-2016-7911",
"url": "https://bugzilla.suse.com/1010713"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-7911",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-7911"
},
{
"cve": "CVE-2016-7916",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7916"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the environ_read function in fs/proc/base.c in the Linux kernel before 4.5.4 allows local users to obtain sensitive information from kernel memory by reading a /proc/*/environ file during a process-setup time interval in which environment-variable copying is incomplete.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7916",
"url": "https://www.suse.com/security/cve/CVE-2016-7916"
},
{
"category": "external",
"summary": "SUSE Bug 1010467 for CVE-2016-7916",
"url": "https://bugzilla.suse.com/1010467"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-7916"
},
{
"cve": "CVE-2016-8399",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8399"
}
],
"notes": [
{
"category": "general",
"text": "An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31349935.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8399",
"url": "https://www.suse.com/security/cve/CVE-2016-8399"
},
{
"category": "external",
"summary": "SUSE Bug 1014746 for CVE-2016-8399",
"url": "https://bugzilla.suse.com/1014746"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-8399",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-8399"
},
{
"cve": "CVE-2016-8632",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8632"
}
],
"notes": [
{
"category": "general",
"text": "The tipc_msg_build function in net/tipc/msg.c in the Linux kernel through 4.8.11 does not validate the relationship between the minimum fragment length and the maximum packet size, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8632",
"url": "https://www.suse.com/security/cve/CVE-2016-8632"
},
{
"category": "external",
"summary": "SUSE Bug 1008831 for CVE-2016-8632",
"url": "https://bugzilla.suse.com/1008831"
},
{
"category": "external",
"summary": "SUSE Bug 1012852 for CVE-2016-8632",
"url": "https://bugzilla.suse.com/1012852"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-8632",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-8632"
},
{
"cve": "CVE-2016-8633",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8633"
}
],
"notes": [
{
"category": "general",
"text": "drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8633",
"url": "https://www.suse.com/security/cve/CVE-2016-8633"
},
{
"category": "external",
"summary": "SUSE Bug 1008833 for CVE-2016-8633",
"url": "https://bugzilla.suse.com/1008833"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-8633"
},
{
"cve": "CVE-2016-8646",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8646"
}
],
"notes": [
{
"category": "general",
"text": "The hash_accept function in crypto/algif_hash.c in the Linux kernel before 4.3.6 allows local users to cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8646",
"url": "https://www.suse.com/security/cve/CVE-2016-8646"
},
{
"category": "external",
"summary": "SUSE Bug 1010150 for CVE-2016-8646",
"url": "https://bugzilla.suse.com/1010150"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-8646"
},
{
"cve": "CVE-2016-9555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9555"
}
],
"notes": [
{
"category": "general",
"text": "The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9555",
"url": "https://www.suse.com/security/cve/CVE-2016-9555"
},
{
"category": "external",
"summary": "SUSE Bug 1011685 for CVE-2016-9555",
"url": "https://bugzilla.suse.com/1011685"
},
{
"category": "external",
"summary": "SUSE Bug 1012183 for CVE-2016-9555",
"url": "https://bugzilla.suse.com/1012183"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-9555",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-9555"
},
{
"cve": "CVE-2016-9576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9576"
}
],
"notes": [
{
"category": "general",
"text": "The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9576",
"url": "https://www.suse.com/security/cve/CVE-2016-9576"
},
{
"category": "external",
"summary": "SUSE Bug 1013604 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1013604"
},
{
"category": "external",
"summary": "SUSE Bug 1014271 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1014271"
},
{
"category": "external",
"summary": "SUSE Bug 1017710 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1017710"
},
{
"category": "external",
"summary": "SUSE Bug 1019079 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1019079"
},
{
"category": "external",
"summary": "SUSE Bug 1019668 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1019668"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "important"
}
],
"title": "CVE-2016-9576"
},
{
"cve": "CVE-2016-9685",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9685"
}
],
"notes": [
{
"category": "general",
"text": "Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel before 4.5.1 allow local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9685",
"url": "https://www.suse.com/security/cve/CVE-2016-9685"
},
{
"category": "external",
"summary": "SUSE Bug 1012832 for CVE-2016-9685",
"url": "https://bugzilla.suse.com/1012832"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "low"
}
],
"title": "CVE-2016-9685"
},
{
"cve": "CVE-2016-9756",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9756"
}
],
"notes": [
{
"category": "general",
"text": "arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not properly initialize Code Segment (CS) in certain error cases, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9756",
"url": "https://www.suse.com/security/cve/CVE-2016-9756"
},
{
"category": "external",
"summary": "SUSE Bug 1013038 for CVE-2016-9756",
"url": "https://bugzilla.suse.com/1013038"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-9756"
},
{
"cve": "CVE-2016-9793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9793"
}
],
"notes": [
{
"category": "general",
"text": "The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9793",
"url": "https://www.suse.com/security/cve/CVE-2016-9793"
},
{
"category": "external",
"summary": "SUSE Bug 1013531 for CVE-2016-9793",
"url": "https://bugzilla.suse.com/1013531"
},
{
"category": "external",
"summary": "SUSE Bug 1013542 for CVE-2016-9793",
"url": "https://bugzilla.suse.com/1013542"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-9793",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-9793"
},
{
"cve": "CVE-2016-9794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9794"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9794",
"url": "https://www.suse.com/security/cve/CVE-2016-9794"
},
{
"category": "external",
"summary": "SUSE Bug 1013533 for CVE-2016-9794",
"url": "https://bugzilla.suse.com/1013533"
},
{
"category": "external",
"summary": "SUSE Bug 1013543 for CVE-2016-9794",
"url": "https://bugzilla.suse.com/1013543"
},
{
"category": "external",
"summary": "SUSE Bug 1013604 for CVE-2016-9794",
"url": "https://bugzilla.suse.com/1013604"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "important"
}
],
"title": "CVE-2016-9794"
},
{
"cve": "CVE-2017-5551",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5551"
}
],
"notes": [
{
"category": "general",
"text": "The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-7097.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5551",
"url": "https://www.suse.com/security/cve/CVE-2017-5551"
},
{
"category": "external",
"summary": "SUSE Bug 1021258 for CVE-2017-5551",
"url": "https://bugzilla.suse.com/1021258"
},
{
"category": "external",
"summary": "SUSE Bug 995968 for CVE-2017-5551",
"url": "https://bugzilla.suse.com/995968"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2017-5551"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…