Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2016-9576 (GCVE-0-2016-9576)
Vulnerability from cvelistv5 – Published: 2016-12-28 07:42 – Updated: 2024-08-06 02:59
VLAI
EPSS
Summary
The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
19 references
Date Public
2016-12-09 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:59:01.667Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "openSUSE-SU-2016:3118",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00057.html"
},
{
"name": "SUSE-SU-2016:3248",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00088.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a0ac402cfcdc904f9772e1762b3fda112dcc56a0"
},
{
"name": "openSUSE-SU-2016:3085",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00040.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/a0ac402cfcdc904f9772e1762b3fda112dcc56a0"
},
{
"name": "RHSA-2017:2669",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2669"
},
{
"name": "SUSE-SU-2016:3188",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00072.html"
},
{
"name": "openSUSE-SU-2016:3086",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00041.html"
},
{
"name": "SUSE-SU-2016:3146",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00062.html"
},
{
"name": "SUSE-SU-2016:3203",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00075.html"
},
{
"name": "RHSA-2017:0817",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0817.html"
},
{
"name": "SUSE-SU-2016:3217",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00081.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1403145"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14"
},
{
"name": "[oss-security] 20161209 Linux Kernel use-after-free in SCSI generic device interface",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/08/19"
},
{
"name": "RHSA-2017:2077",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2077"
},
{
"name": "RHSA-2017:1842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"name": "94821",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/94821"
},
{
"name": "SUSE-SU-2016:3252",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00091.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-12-09T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-01-04T19:57:01.000Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "openSUSE-SU-2016:3118",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00057.html"
},
{
"name": "SUSE-SU-2016:3248",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00088.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a0ac402cfcdc904f9772e1762b3fda112dcc56a0"
},
{
"name": "openSUSE-SU-2016:3085",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00040.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/a0ac402cfcdc904f9772e1762b3fda112dcc56a0"
},
{
"name": "RHSA-2017:2669",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2669"
},
{
"name": "SUSE-SU-2016:3188",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00072.html"
},
{
"name": "openSUSE-SU-2016:3086",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00041.html"
},
{
"name": "SUSE-SU-2016:3146",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00062.html"
},
{
"name": "SUSE-SU-2016:3203",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00075.html"
},
{
"name": "RHSA-2017:0817",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2017-0817.html"
},
{
"name": "SUSE-SU-2016:3217",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00081.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1403145"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14"
},
{
"name": "[oss-security] 20161209 Linux Kernel use-after-free in SCSI generic device interface",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2016/12/08/19"
},
{
"name": "RHSA-2017:2077",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2077"
},
{
"name": "RHSA-2017:1842",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:1842"
},
{
"name": "94821",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/94821"
},
{
"name": "SUSE-SU-2016:3252",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00091.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2016-9576",
"datePublished": "2016-12-28T07:42:00.000Z",
"dateReserved": "2016-11-23T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:59:01.667Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2016-9576",
"date": "2026-05-27",
"epss": "0.00064",
"percentile": "0.19806"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.0\", \"versionEndExcluding\": \"4.4.38\", \"matchCriteriaId\": \"2D401B73-345B-49B5-B568-153C68F7F784\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.5\", \"versionEndExcluding\": \"4.8.14\", \"matchCriteriaId\": \"2454EAB6-FC42-4FA4-BE76-CBAA81D4ADC4\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device.\"}, {\"lang\": \"es\", \"value\": \"La funci\\u00f3n blk_rq_map_user_iov en block/blk-map.c en el kernel de Linux en versiones anteriores a 4.8.14 no restringe adecuadamente el tipo de iterador, lo que permite a usuarios locales leer o escribir a ubicaciones de memoria del kernel arbitrarias o provocar una denegaci\\u00f3n de servicio (uso despu\\u00e9s de liberaci\\u00f3n de memoria) aprovechando acceso a un dispositivo /dev/sg.\"}]",
"id": "CVE-2016-9576",
"lastModified": "2024-11-21T03:01:25.400",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 3.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2016-12-28T07:59:00.307",
"references": "[{\"url\": \"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a0ac402cfcdc904f9772e1762b3fda112dcc56a0\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00040.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00041.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00057.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00062.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00072.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00075.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00081.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00088.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00091.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0817.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Release Notes\", \"Vendor Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2016/12/08/19\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/94821\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1842\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2077\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2669\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1403145\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/torvalds/linux/commit/a0ac402cfcdc904f9772e1762b3fda112dcc56a0\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a0ac402cfcdc904f9772e1762b3fda112dcc56a0\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00040.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00041.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00057.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00062.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00072.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00075.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00081.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00088.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00091.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2017-0817.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Vendor Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2016/12/08/19\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/94821\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1842\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2077\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2669\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1403145\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/torvalds/linux/commit/a0ac402cfcdc904f9772e1762b3fda112dcc56a0\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-416\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2016-9576\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2016-12-28T07:59:00.307\",\"lastModified\":\"2026-05-06T22:30:45.220\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n blk_rq_map_user_iov en block/blk-map.c en el kernel de Linux en versiones anteriores a 4.8.14 no restringe adecuadamente el tipo de iterador, lo que permite a usuarios locales leer o escribir a ubicaciones de memoria del kernel arbitrarias o provocar una denegaci\u00f3n de servicio (uso despu\u00e9s de liberaci\u00f3n de memoria) aprovechando acceso a un dispositivo /dev/sg.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.0\",\"versionEndExcluding\":\"4.4.38\",\"matchCriteriaId\":\"2D401B73-345B-49B5-B568-153C68F7F784\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.5\",\"versionEndExcluding\":\"4.8.14\",\"matchCriteriaId\":\"2454EAB6-FC42-4FA4-BE76-CBAA81D4ADC4\"}]}]}],\"references\":[{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a0ac402cfcdc904f9772e1762b3fda112dcc56a0\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00040.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00041.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00057.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00062.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00072.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00075.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00081.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00088.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00091.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0817.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/12/08/19\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/94821\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1842\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2077\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2669\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1403145\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/a0ac402cfcdc904f9772e1762b3fda112dcc56a0\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=a0ac402cfcdc904f9772e1762b3fda112dcc56a0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00040.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00041.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00057.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00062.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00072.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00075.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00081.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00088.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00091.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2017-0817.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.14\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2016/12/08/19\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/94821\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1842\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2077\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2669\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1403145\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/a0ac402cfcdc904f9772e1762b3fda112dcc56a0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
}
}
SUSE-SU-2017:0278-1
Vulnerability from csaf_suse - Published: 2017-01-25 07:33 - Updated: 2017-01-25 07:33Summary
Security update for Linux Kernel Live Patch 8 for SLE 12 SP1
Severity
Important
Notes
Title of the patch: Security update for Linux Kernel Live Patch 8 for SLE 12 SP1
Description of the patch: This update for the Linux Kernel 3.12.62-60_64_8 fixes several issues.
The following security bugs were fixed:
- CVE-2016-9794: Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command (bsc#1013543).
- CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the Linux kernel did not validate the relationship between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability (bsc#1012852).
- CVE-2016-9576: The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel did not properly restrict the type of iterator, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device (bsc#1014271).
Patchnames: SUSE-SLE-Live-Patching-12-2017-148
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_62-60_64_8-default-4-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_62-60_64_8-xen-4-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_62-60_64_8-default-4-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_62-60_64_8-xen-4-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_62-60_64_8-default-4-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_62-60_64_8-xen-4-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
26 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Linux Kernel Live Patch 8 for SLE 12 SP1",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 3.12.62-60_64_8 fixes several issues.\n\nThe following security bugs were fixed:\n- CVE-2016-9794: Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command (bsc#1013543).\n- CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the Linux kernel did not validate the relationship between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability (bsc#1012852).\n- CVE-2016-9576: The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel did not properly restrict the type of iterator, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device (bsc#1014271).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Live-Patching-12-2017-148",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_0278-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:0278-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170278-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:0278-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-January/002595.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012852",
"url": "https://bugzilla.suse.com/1012852"
},
{
"category": "self",
"summary": "SUSE Bug 1013543",
"url": "https://bugzilla.suse.com/1013543"
},
{
"category": "self",
"summary": "SUSE Bug 1013604",
"url": "https://bugzilla.suse.com/1013604"
},
{
"category": "self",
"summary": "SUSE Bug 1014271",
"url": "https://bugzilla.suse.com/1014271"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8632 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8632/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9576 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9794 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9794/"
}
],
"title": "Security update for Linux Kernel Live Patch 8 for SLE 12 SP1",
"tracking": {
"current_release_date": "2017-01-25T07:33:30Z",
"generator": {
"date": "2017-01-25T07:33:30Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:0278-1",
"initial_release_date": "2017-01-25T07:33:30Z",
"revision_history": [
{
"date": "2017-01-25T07:33:30Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-3_12_62-60_64_8-default-4-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_62-60_64_8-default-4-2.1.x86_64",
"product_id": "kgraft-patch-3_12_62-60_64_8-default-4-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_62-60_64_8-xen-4-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_62-60_64_8-xen-4-2.1.x86_64",
"product_id": "kgraft-patch-3_12_62-60_64_8-xen-4-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_62-60_64_8-default-4-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_62-60_64_8-default-4-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_62-60_64_8-default-4-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_62-60_64_8-xen-4-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_62-60_64_8-xen-4-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_62-60_64_8-xen-4-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-8632",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8632"
}
],
"notes": [
{
"category": "general",
"text": "The tipc_msg_build function in net/tipc/msg.c in the Linux kernel through 4.8.11 does not validate the relationship between the minimum fragment length and the maximum packet size, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_62-60_64_8-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_62-60_64_8-xen-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8632",
"url": "https://www.suse.com/security/cve/CVE-2016-8632"
},
{
"category": "external",
"summary": "SUSE Bug 1008831 for CVE-2016-8632",
"url": "https://bugzilla.suse.com/1008831"
},
{
"category": "external",
"summary": "SUSE Bug 1012852 for CVE-2016-8632",
"url": "https://bugzilla.suse.com/1012852"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-8632",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_62-60_64_8-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_62-60_64_8-xen-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_62-60_64_8-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_62-60_64_8-xen-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-01-25T07:33:30Z",
"details": "moderate"
}
],
"title": "CVE-2016-8632"
},
{
"cve": "CVE-2016-9576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9576"
}
],
"notes": [
{
"category": "general",
"text": "The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_62-60_64_8-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_62-60_64_8-xen-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9576",
"url": "https://www.suse.com/security/cve/CVE-2016-9576"
},
{
"category": "external",
"summary": "SUSE Bug 1013604 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1013604"
},
{
"category": "external",
"summary": "SUSE Bug 1014271 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1014271"
},
{
"category": "external",
"summary": "SUSE Bug 1017710 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1017710"
},
{
"category": "external",
"summary": "SUSE Bug 1019079 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1019079"
},
{
"category": "external",
"summary": "SUSE Bug 1019668 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1019668"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_62-60_64_8-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_62-60_64_8-xen-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_62-60_64_8-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_62-60_64_8-xen-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-01-25T07:33:30Z",
"details": "important"
}
],
"title": "CVE-2016-9576"
},
{
"cve": "CVE-2016-9794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9794"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_62-60_64_8-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_62-60_64_8-xen-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9794",
"url": "https://www.suse.com/security/cve/CVE-2016-9794"
},
{
"category": "external",
"summary": "SUSE Bug 1013533 for CVE-2016-9794",
"url": "https://bugzilla.suse.com/1013533"
},
{
"category": "external",
"summary": "SUSE Bug 1013543 for CVE-2016-9794",
"url": "https://bugzilla.suse.com/1013543"
},
{
"category": "external",
"summary": "SUSE Bug 1013604 for CVE-2016-9794",
"url": "https://bugzilla.suse.com/1013604"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_62-60_64_8-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_62-60_64_8-xen-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_62-60_64_8-default-4-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_62-60_64_8-xen-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-01-25T07:33:30Z",
"details": "important"
}
],
"title": "CVE-2016-9794"
}
]
}
SUSE-SU-2017:0293-1
Vulnerability from csaf_suse - Published: 2017-01-26 16:02 - Updated: 2017-01-26 16:02Summary
Security update for Linux Kernel Live Patch 2 for SLE 12 SP2
Severity
Important
Notes
Title of the patch: Security update for Linux Kernel Live Patch 2 for SLE 12 SP2
Description of the patch: This update for the Linux Kernel 4.4.21-84 fixes several issues.
The following security bugs were fixed:
- CVE-2016-10088: The sg implementation in the Linux kernel did not properly restrict write operations in situations where the KERNEL_DS option is set, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576 (bsc#1019079).
- CVE-2016-9794: Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command (bsc#1013543).
- CVE-2016-9576: The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel did not properly restrict the type of iterator, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device (bsc#1014271).
before 4.8.14
Patchnames: SUSE-SLE-Live-Patching-12-2017-154
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_21-84-default-2-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_21-84-default-2-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_21-84-default-2-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
27 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Linux Kernel Live Patch 2 for SLE 12 SP2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.4.21-84 fixes several issues.\n\nThe following security bugs were fixed:\n- CVE-2016-10088: The sg implementation in the Linux kernel did not properly restrict write operations in situations where the KERNEL_DS option is set, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576 (bsc#1019079).\n- CVE-2016-9794: Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command (bsc#1013543).\n- CVE-2016-9576: The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel did not properly restrict the type of iterator, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device (bsc#1014271).\nbefore 4.8.14\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Live-Patching-12-2017-154",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_0293-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:0293-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170293-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:0293-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-January/002600.html"
},
{
"category": "self",
"summary": "SUSE Bug 1013543",
"url": "https://bugzilla.suse.com/1013543"
},
{
"category": "self",
"summary": "SUSE Bug 1014271",
"url": "https://bugzilla.suse.com/1014271"
},
{
"category": "self",
"summary": "SUSE Bug 1019079",
"url": "https://bugzilla.suse.com/1019079"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10088 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9576 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9794 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9794/"
}
],
"title": "Security update for Linux Kernel Live Patch 2 for SLE 12 SP2",
"tracking": {
"current_release_date": "2017-01-26T16:02:57Z",
"generator": {
"date": "2017-01-26T16:02:57Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:0293-1",
"initial_release_date": "2017-01-26T16:02:57Z",
"revision_history": [
{
"date": "2017-01-26T16:02:57Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_4_21-84-default-2-2.1.x86_64",
"product": {
"name": "kgraft-patch-4_4_21-84-default-2-2.1.x86_64",
"product_id": "kgraft-patch-4_4_21-84-default-2-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_21-84-default-2-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_21-84-default-2-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_21-84-default-2-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-10088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10088"
}
],
"notes": [
{
"category": "general",
"text": "The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_21-84-default-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10088",
"url": "https://www.suse.com/security/cve/CVE-2016-10088"
},
{
"category": "external",
"summary": "SUSE Bug 1013604 for CVE-2016-10088",
"url": "https://bugzilla.suse.com/1013604"
},
{
"category": "external",
"summary": "SUSE Bug 1014271 for CVE-2016-10088",
"url": "https://bugzilla.suse.com/1014271"
},
{
"category": "external",
"summary": "SUSE Bug 1017710 for CVE-2016-10088",
"url": "https://bugzilla.suse.com/1017710"
},
{
"category": "external",
"summary": "SUSE Bug 1019079 for CVE-2016-10088",
"url": "https://bugzilla.suse.com/1019079"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-10088",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_21-84-default-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_21-84-default-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-01-26T16:02:57Z",
"details": "important"
}
],
"title": "CVE-2016-10088"
},
{
"cve": "CVE-2016-9576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9576"
}
],
"notes": [
{
"category": "general",
"text": "The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_21-84-default-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9576",
"url": "https://www.suse.com/security/cve/CVE-2016-9576"
},
{
"category": "external",
"summary": "SUSE Bug 1013604 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1013604"
},
{
"category": "external",
"summary": "SUSE Bug 1014271 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1014271"
},
{
"category": "external",
"summary": "SUSE Bug 1017710 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1017710"
},
{
"category": "external",
"summary": "SUSE Bug 1019079 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1019079"
},
{
"category": "external",
"summary": "SUSE Bug 1019668 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1019668"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_21-84-default-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_21-84-default-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-01-26T16:02:57Z",
"details": "important"
}
],
"title": "CVE-2016-9576"
},
{
"cve": "CVE-2016-9794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9794"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_21-84-default-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9794",
"url": "https://www.suse.com/security/cve/CVE-2016-9794"
},
{
"category": "external",
"summary": "SUSE Bug 1013533 for CVE-2016-9794",
"url": "https://bugzilla.suse.com/1013533"
},
{
"category": "external",
"summary": "SUSE Bug 1013543 for CVE-2016-9794",
"url": "https://bugzilla.suse.com/1013543"
},
{
"category": "external",
"summary": "SUSE Bug 1013604 for CVE-2016-9794",
"url": "https://bugzilla.suse.com/1013604"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_21-84-default-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-4_4_21-84-default-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-01-26T16:02:57Z",
"details": "important"
}
],
"title": "CVE-2016-9794"
}
]
}
SUSE-SU-2017:0294-1
Vulnerability from csaf_suse - Published: 2017-01-26 16:03 - Updated: 2017-01-26 16:03Summary
Security update for Linux Kernel Live Patch 10 for SLE 12 SP1
Severity
Important
Notes
Title of the patch: Security update for Linux Kernel Live Patch 10 for SLE 12 SP1
Description of the patch: This update for the Linux Kernel 3.12.67-60_64_21 fixes several issues.
The following security bugs were fixed:
- CVE-2016-9794: Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command (bsc#1013543).
- CVE-2016-9576: The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel did not properly restrict the type of iterator, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device (bsc#1014271).
Patchnames: SUSE-SLE-Live-Patching-12-2017-155
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_67-60_64_21-default-2-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_67-60_64_21-xen-2-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_67-60_64_21-default-2-2.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_67-60_64_21-xen-2-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
20 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for Linux Kernel Live Patch 10 for SLE 12 SP1",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 3.12.67-60_64_21 fixes several issues.\n\nThe following security bugs were fixed:\n- CVE-2016-9794: Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command (bsc#1013543).\n- CVE-2016-9576: The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel did not properly restrict the type of iterator, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device (bsc#1014271).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Live-Patching-12-2017-155",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_0294-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:0294-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170294-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:0294-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-January/002601.html"
},
{
"category": "self",
"summary": "SUSE Bug 1013543",
"url": "https://bugzilla.suse.com/1013543"
},
{
"category": "self",
"summary": "SUSE Bug 1013604",
"url": "https://bugzilla.suse.com/1013604"
},
{
"category": "self",
"summary": "SUSE Bug 1014271",
"url": "https://bugzilla.suse.com/1014271"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9576 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9794 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9794/"
}
],
"title": "Security update for Linux Kernel Live Patch 10 for SLE 12 SP1",
"tracking": {
"current_release_date": "2017-01-26T16:03:25Z",
"generator": {
"date": "2017-01-26T16:03:25Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:0294-1",
"initial_release_date": "2017-01-26T16:03:25Z",
"revision_history": [
{
"date": "2017-01-26T16:03:25Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-3_12_67-60_64_21-default-2-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_67-60_64_21-default-2-2.1.x86_64",
"product_id": "kgraft-patch-3_12_67-60_64_21-default-2-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_67-60_64_21-xen-2-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_67-60_64_21-xen-2-2.1.x86_64",
"product_id": "kgraft-patch-3_12_67-60_64_21-xen-2-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_67-60_64_21-default-2-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_67-60_64_21-default-2-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_67-60_64_21-default-2-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_67-60_64_21-xen-2-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_67-60_64_21-xen-2-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_67-60_64_21-xen-2-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-9576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9576"
}
],
"notes": [
{
"category": "general",
"text": "The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_67-60_64_21-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_67-60_64_21-xen-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9576",
"url": "https://www.suse.com/security/cve/CVE-2016-9576"
},
{
"category": "external",
"summary": "SUSE Bug 1013604 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1013604"
},
{
"category": "external",
"summary": "SUSE Bug 1014271 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1014271"
},
{
"category": "external",
"summary": "SUSE Bug 1017710 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1017710"
},
{
"category": "external",
"summary": "SUSE Bug 1019079 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1019079"
},
{
"category": "external",
"summary": "SUSE Bug 1019668 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1019668"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_67-60_64_21-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_67-60_64_21-xen-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_67-60_64_21-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_67-60_64_21-xen-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-01-26T16:03:25Z",
"details": "important"
}
],
"title": "CVE-2016-9576"
},
{
"cve": "CVE-2016-9794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9794"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_67-60_64_21-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_67-60_64_21-xen-2-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9794",
"url": "https://www.suse.com/security/cve/CVE-2016-9794"
},
{
"category": "external",
"summary": "SUSE Bug 1013533 for CVE-2016-9794",
"url": "https://bugzilla.suse.com/1013533"
},
{
"category": "external",
"summary": "SUSE Bug 1013543 for CVE-2016-9794",
"url": "https://bugzilla.suse.com/1013543"
},
{
"category": "external",
"summary": "SUSE Bug 1013604 for CVE-2016-9794",
"url": "https://bugzilla.suse.com/1013604"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_67-60_64_21-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_67-60_64_21-xen-2-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_67-60_64_21-default-2-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_67-60_64_21-xen-2-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-01-26T16:03:25Z",
"details": "important"
}
],
"title": "CVE-2016-9794"
}
]
}
SUSE-SU-2017:0407-1
Vulnerability from csaf_suse - Published: 2017-02-06 14:41 - Updated: 2017-02-06 14:41Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 12 rt-kernel was updated to 3.12.69 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2015-8962: Fixed a double free vulnerability in the SCSI subsystem that allowed local users to gain privileges or cause a denial of service (memory corruption and system crash) (bnc#1010501).
- CVE-2015-8963: Fixed a race condition in kernel/events/core.c that allowed local users to gain privileges or cause a denial of service (use-after-free) (bnc#1010502).
- CVE-2015-8964: Fixed a bug in the tty_set_termios_ldisc function that allowed local users to obtain sensitive information from kernel memory (bnc#1010507).
- CVE-2016-10088: The sg implementation in the Linux kernel did not properly restrict write operations in situations where the KERNEL_DS option is set, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) (bnc#1017710).
- CVE-2016-7910: Fixed a use-after-free vulnerability in the block subsystem that allowed local users to gain privileges (bnc#1010716).
- CVE-2016-7911: Fixed a race condition in the get_task_ioprio function that allowed local users to gain privileges or cause a denial of service (use-after-free) (bnc#1010711).
- CVE-2016-7913: Fixed a bug in the xc2028_set_config function that allowed local users to gain privileges or cause a denial of service (use-after-free) (bnc#1010478).
- CVE-2016-7914: The assoc_array_insert_into_terminal_node function did not check whether a slot is a leaf, which allowed local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and out-of-bounds read) (bnc#1010475).
- CVE-2016-8399: Fixed a bug in the kernel networking subsystem that could have enabled a local malicious application to execute arbitrary code within the context of the kernel. (bnc#1014746).
- CVE-2016-8632: The net subsystem did not validate the relationship between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) (bnc#1008831).
- CVE-2016-8633: The firewire subsystem allowed remote attackers to execute arbitrary code via crafted fragmented packets in certain unusual hardware configurations (bnc#1008833).
- CVE-2016-8645: The TCP stack in the Linux kernel mishandled skb truncation, which allowed local users to cause a denial of service (system crash) (bnc#1009969).
- CVE-2016-8655: Fixed a race condition in the network subsystem that allowed local users to gain privileges or cause a denial of service (use-after-free) (bnc#1012754).
- CVE-2016-9083: The PCI subsystem local users to bypass integer overflow checks and cause a denial of service (memory corruption) or have unspecified other impact (bnc#1007197).
- CVE-2016-9084: The PCI subsystem misused the kzalloc() function, which allowed local users to cause a denial of service (integer overflow) or have unspecified other impact (bnc#1007197).
- CVE-2016-9555: Fixed a bug in the network subsystem that allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bnc#1011685).
- CVE-2016-9576: The block subsystem did not properly restrict the type of iterator, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) (bnc#1013604).
- CVE-2016-9756: The kernel did not properly initialize Code Segment (CS) in certain error cases, which allowed local users to obtain sensitive information from kernel stack memory (bnc#1013038).
- CVE-2016-9793: The net subsystem mishandled negative values of sk_sndbuf and sk_rcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact (bnc#1013531).
- CVE-2016-9794: Fixed a race condition in the ALSA subsystem that allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact (bnc#1013533).
- CVE-2016-9806: Fixed a race condition in the netlink_dump() function which could have allowed local users to cause a denial of service (double free) or possibly have unspecified other impact (bnc#1013540).
- CVE-2017-2583: kvm: x86: fixed emulation of 'MOV SS, null selector' (bsc#1020602).
- CVE-2017-2584: arch: x86: kvm: fixed a bug that could have allowed local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) (bnc#1019851).
- CVE-2017-5551: tmpfs: Fixed a bug that could have allowed users to set setgid bits on files they don't down. (bsc#1021258, CVE-2017-5551).
The following non-security bugs were fixed:
- 8250_pci: Fix potential use-after-free in error path (bsc#1013001).
- block_dev: do not test bdev->bd_contains when it is not stable (bsc#1008557).
- bna: Add synchronization for tx ring (bsc#993739).
- bnx2i/bnx2fc : fix randconfig error in next-20140909 (bsc#922052 bsc#922056).
- bnx2x: Correct ringparam estimate when DOWN (bsc#1020214).
- bnx2x: fix lockdep splat (bsc#922052 bsc#922056).
- btrfs: Ensure proper sector alignment for btrfs_free_reserved_data_space (bsc#1005666).
- btrfs: Export and move leaf/subtree qgroup helpers to qgroup.c (bsc#983087).
- btrfs: Revert 'do not delay inode ref updates during log replay' (bsc#987192).
- btrfs: bugfix: handle FS_IOC32_{GETFLAGS,SETFLAGS,GETVERSION} in btrfs_ioctl (bsc#1018100).
- btrfs: do not delay inode ref updates during log replay (bsc#987192).
- btrfs: fix incremental send failure caused by balance (bsc#985850).
- btrfs: fix relocation incorrectly dropping data references (bsc#990384).
- btrfs: increment ctx->pos for every emitted or skipped dirent in readdir (bsc#981709).
- btrfs: qgroup: Fix qgroup data leaking by using subtree tracing (bsc#983087).
- btrfs: remove old tree_root dirent processing in btrfs_real_readdir() (bsc#981709).
- btrfs: send, do not bug on inconsistent snapshots (bsc#985850).
- cpufreq: intel_pstate: Fix divide by zero on Knights Landing (KNL) (bsc#1008876).
- cpuset: fix sched_load_balance that was accidentally broken in a previous update (bsc#1010294).
- ext4: fix data exposure after a crash (bsc#1012985).
- fs/dcache: move the call of __d_drop(anon) into __d_materialise_unique(dentry, anon) (bsc#984194).
- fuse: do not use iocb after it may have been freed (bsc#1012985).
- hpilo: Add support for iLO5 (bsc#999101).
- ib/core: Avoid unsigned int overflow in sg_alloc_table (bsc#924381 bsc#921338).
- ib/mlx5: Fix FW version diaplay in sysfs (bnc#923036).
- ib/mlx5: Fix entries check in mlx5_ib_resize_cq (bnc#858727).
- ib/mlx5: Fix entries checks in mlx5_ib_create_cq (bnc#858727).
- ib/mlx5: Remove per-MR pas and dma pointers (bnc#923036).
- ibmveth: calculate gso_segs for large packets (bsc#1019148).
- ibmveth: check return of skb_linearize in ibmveth_start_xmit (bsc#1019148).
- ibmveth: consolidate kmalloc of array, memset 0 to kcalloc (bsc#1019148).
- ibmveth: set correct gso_size and gso_type (bsc#1019148).
- igb: Fix oops caused by missing queue pairing (bnc#857394).
- ipmi_si: create hardware-independent softdep for ipmi_devintf (bsc#1009062).
- ipr: Enable SIS pipe commands for SIS-32 devices (bsc#1016961).
- ipv4: Fix ip_queue_xmit to pass sk into ip_local_out_sk (bsc#938963).
- kabi: protect __sk_mem_reclaim (kabi).
- kabi: protect struct perf_event_context (kabi).
- kabi: reintroduce sk_filter (kabi).
- kernel: remove broken memory detection sanity check (bnc#1008567, LTC#148072).
- kgr: ignore zombie tasks during the patching (bnc#1008979).
- kgraft/iscsi-target: Do not block kGraft in iscsi_np kthread (bsc#1010612).
- kgraft/xen: Do not block kGraft in xenbus kthread (bsc#1017410).
- net/mlx5: Avoid passing dma address 0 to firmware (bnc#858727).
- net/mlx5: Fix typo in mlx5_query_port_pvlc (bnc#923036).
- net/mlx5e: Do not modify CQ before it was created (bnc#923036).
- net/mlx5e: Do not try to modify CQ moderation if it is not supported (bnc#923036).
- net/mlx5e: Fix MLX5E_100BASE_T define (bnc#923036).
- net/mlx5e: Remove wrong poll CQ optimization (bnc#923036).
- netback: correct array index (bsc#983348).
- nfsv4: Cap the transport reconnection timer at 1/2 lease period (bsc#1014410).
- nfsv4: Cleanup the setting of the nfs4 lease period (bsc#1014410).
- nfsv4: Fix 'NFS Lock reclaim failed' errors (bsc#1014410).
- ocfs2: fix BUG_ON() in ocfs2_ci_checkpointed() (bnc#1019783).
- posix_acl: Fixup acl reference leak and missing conversions in ext3, gfs2, jfs, hfsplus.
- powerpc/pseries: Use H_CLEAR_HPT to clear MMU hash table during kexec (bsc#1003813).
- proc: avoid including 'mountproto=' with no protocol in /proc/mounts (bsc#1019260).
- raid1: ignore discard error (bsc#1017164).
- reiserfs: fix race in prealloc discard (bsc#987576).
- rpm/kernel-binary.spec.in: Export a make-stderr.log file (bsc#1012422)
- rpm/kernel-spec-macros: Fix the check if there is no rebuild counter (bsc#1012060)
- rpm/kernel-spec-macros: Ignore too high rebuild counter (bsc#1012060)
- serial: 8250_pci: Detach low-level driver during PCI error recovery (bsc#1013001).
- sfc: clear napi_hash state when copying channels (bsc#923037).
- sfc: fix potential stack corruption from running past stat bitmask (bsc#923037).
- sfc: on MC reset, clear PIO buffer linkage in TXQs (bnc#856380).
- sunrpc: Enforce an upper limit on the number of cached credentials (bsc#1012917).
- sunrpc: Fix reconnection timeouts (bsc#1014410).
- sunrpc: Limit the reconnect backoff timer to the max RPC message timeout (bsc#1014410).
- target: Make EXTENDED_COPY 0xe4 failure return COPY TARGET DEVICE NOT REACHABLE (bsc#991273).
- target: add XCOPY target/segment desc sense codes (bsc#991273).
- target: bounds check XCOPY segment descriptor list (bsc#991273).
- target: bounds check XCOPY total descriptor list length (bsc#991273).
- target: check XCOPY segment descriptor CSCD IDs (bsc#1017170).
- target: check for XCOPY parameter truncation (bsc#991273).
- target: return UNSUPPORTED TARGET/SEGMENT DESC TYPE CODE sense (bsc#991273).
- target: simplify XCOPY wwn->se_dev lookup helper (bsc#991273).
- target: support XCOPY requests without parameters (bsc#991273).
- target: use XCOPY TOO MANY TARGET DESCRIPTORS sense (bsc#991273).
- target: use XCOPY segment descriptor CSCD IDs (bsc#1017170).
- tg3: Avoid NULL pointer dereference in tg3_io_error_detected() (bsc#921778).
- tty: Prevent ldisc drivers from re-using stale tty fields (bnc#1010507).
- x86/apic: Order irq_enter/exit() calls correctly vs. ack_APIC_irq() (bsc#1013479).
- xen/ftrace/x86: Set ftrace_stub to weak to prevent gcc from using short jumps to it (bsc#984419).
- xenbus: correctly signal errors from xenstored_local_init() (luckily none so far).
- xfs: allow lazy sb counter sync during filesystem freeze sequence (bsc#980560).
- xfs: refactor xlog_recover_process_data() (bsc#1019300).
Patchnames: SUSE-SLE-RT-12-SP1-2017-202
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.2 (Medium)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.8 (Medium)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
7.8 (High)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5.9 (Medium)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.1 (Medium)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
8.4 (High)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.1 (High)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
11 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
187 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 rt-kernel was updated to 3.12.69 to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2015-8962: Fixed a double free vulnerability in the SCSI subsystem that allowed local users to gain privileges or cause a denial of service (memory corruption and system crash) (bnc#1010501).\n- CVE-2015-8963: Fixed a race condition in kernel/events/core.c that allowed local users to gain privileges or cause a denial of service (use-after-free) (bnc#1010502).\n- CVE-2015-8964: Fixed a bug in the tty_set_termios_ldisc function that allowed local users to obtain sensitive information from kernel memory (bnc#1010507).\n- CVE-2016-10088: The sg implementation in the Linux kernel did not properly restrict write operations in situations where the KERNEL_DS option is set, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) (bnc#1017710).\n- CVE-2016-7910: Fixed a use-after-free vulnerability in the block subsystem that allowed local users to gain privileges (bnc#1010716).\n- CVE-2016-7911: Fixed a race condition in the get_task_ioprio function that allowed local users to gain privileges or cause a denial of service (use-after-free) (bnc#1010711).\n- CVE-2016-7913: Fixed a bug in the xc2028_set_config function that allowed local users to gain privileges or cause a denial of service (use-after-free) (bnc#1010478).\n- CVE-2016-7914: The assoc_array_insert_into_terminal_node function did not check whether a slot is a leaf, which allowed local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and out-of-bounds read) (bnc#1010475).\n- CVE-2016-8399: Fixed a bug in the kernel networking subsystem that could have enabled a local malicious application to execute arbitrary code within the context of the kernel. (bnc#1014746).\n- CVE-2016-8632: The net subsystem did not validate the relationship between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause a denial of service (heap-based buffer overflow) (bnc#1008831).\n- CVE-2016-8633: The firewire subsystem allowed remote attackers to execute arbitrary code via crafted fragmented packets in certain unusual hardware configurations (bnc#1008833).\n- CVE-2016-8645: The TCP stack in the Linux kernel mishandled skb truncation, which allowed local users to cause a denial of service (system crash) (bnc#1009969).\n- CVE-2016-8655: Fixed a race condition in the network subsystem that allowed local users to gain privileges or cause a denial of service (use-after-free) (bnc#1012754).\n- CVE-2016-9083: The PCI subsystem local users to bypass integer overflow checks and cause a denial of service (memory corruption) or have unspecified other impact (bnc#1007197).\n- CVE-2016-9084: The PCI subsystem misused the kzalloc() function, which allowed local users to cause a denial of service (integer overflow) or have unspecified other impact (bnc#1007197).\n- CVE-2016-9555: Fixed a bug in the network subsystem that allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bnc#1011685).\n- CVE-2016-9576: The block subsystem did not properly restrict the type of iterator, which allowed local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) (bnc#1013604).\n- CVE-2016-9756: The kernel did not properly initialize Code Segment (CS) in certain error cases, which allowed local users to obtain sensitive information from kernel stack memory (bnc#1013038).\n- CVE-2016-9793: The net subsystem mishandled negative values of sk_sndbuf and sk_rcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact (bnc#1013531).\n- CVE-2016-9794: Fixed a race condition in the ALSA subsystem that allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact (bnc#1013533).\n- CVE-2016-9806: Fixed a race condition in the netlink_dump() function which could have allowed local users to cause a denial of service (double free) or possibly have unspecified other impact (bnc#1013540).\n- CVE-2017-2583: kvm: x86: fixed emulation of \u0027MOV SS, null selector\u0027 (bsc#1020602).\n- CVE-2017-2584: arch: x86: kvm: fixed a bug that could have allowed local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) (bnc#1019851).\n- CVE-2017-5551: tmpfs: Fixed a bug that could have allowed users to set setgid bits on files they don\u0027t down. (bsc#1021258, CVE-2017-5551).\n\nThe following non-security bugs were fixed:\n\n- 8250_pci: Fix potential use-after-free in error path (bsc#1013001).\n- block_dev: do not test bdev-\u003ebd_contains when it is not stable (bsc#1008557).\n- bna: Add synchronization for tx ring (bsc#993739).\n- bnx2i/bnx2fc : fix randconfig error in next-20140909 (bsc#922052 bsc#922056).\n- bnx2x: Correct ringparam estimate when DOWN (bsc#1020214).\n- bnx2x: fix lockdep splat (bsc#922052 bsc#922056).\n- btrfs: Ensure proper sector alignment for btrfs_free_reserved_data_space (bsc#1005666).\n- btrfs: Export and move leaf/subtree qgroup helpers to qgroup.c (bsc#983087).\n- btrfs: Revert \u0027do not delay inode ref updates during log replay\u0027 (bsc#987192).\n- btrfs: bugfix: handle FS_IOC32_{GETFLAGS,SETFLAGS,GETVERSION} in btrfs_ioctl (bsc#1018100).\n- btrfs: do not delay inode ref updates during log replay (bsc#987192).\n- btrfs: fix incremental send failure caused by balance (bsc#985850).\n- btrfs: fix relocation incorrectly dropping data references (bsc#990384).\n- btrfs: increment ctx-\u003epos for every emitted or skipped dirent in readdir (bsc#981709).\n- btrfs: qgroup: Fix qgroup data leaking by using subtree tracing (bsc#983087).\n- btrfs: remove old tree_root dirent processing in btrfs_real_readdir() (bsc#981709).\n- btrfs: send, do not bug on inconsistent snapshots (bsc#985850).\n- cpufreq: intel_pstate: Fix divide by zero on Knights Landing (KNL) (bsc#1008876).\n- cpuset: fix sched_load_balance that was accidentally broken in a previous update (bsc#1010294).\n- ext4: fix data exposure after a crash (bsc#1012985).\n- fs/dcache: move the call of __d_drop(anon) into __d_materialise_unique(dentry, anon) (bsc#984194).\n- fuse: do not use iocb after it may have been freed (bsc#1012985).\n- hpilo: Add support for iLO5 (bsc#999101).\n- ib/core: Avoid unsigned int overflow in sg_alloc_table (bsc#924381 bsc#921338).\n- ib/mlx5: Fix FW version diaplay in sysfs (bnc#923036).\n- ib/mlx5: Fix entries check in mlx5_ib_resize_cq (bnc#858727).\n- ib/mlx5: Fix entries checks in mlx5_ib_create_cq (bnc#858727).\n- ib/mlx5: Remove per-MR pas and dma pointers (bnc#923036).\n- ibmveth: calculate gso_segs for large packets (bsc#1019148).\n- ibmveth: check return of skb_linearize in ibmveth_start_xmit (bsc#1019148).\n- ibmveth: consolidate kmalloc of array, memset 0 to kcalloc (bsc#1019148).\n- ibmveth: set correct gso_size and gso_type (bsc#1019148).\n- igb: Fix oops caused by missing queue pairing (bnc#857394).\n- ipmi_si: create hardware-independent softdep for ipmi_devintf (bsc#1009062).\n- ipr: Enable SIS pipe commands for SIS-32 devices (bsc#1016961).\n- ipv4: Fix ip_queue_xmit to pass sk into ip_local_out_sk (bsc#938963).\n- kabi: protect __sk_mem_reclaim (kabi).\n- kabi: protect struct perf_event_context (kabi).\n- kabi: reintroduce sk_filter (kabi).\n- kernel: remove broken memory detection sanity check (bnc#1008567, LTC#148072).\n- kgr: ignore zombie tasks during the patching (bnc#1008979).\n- kgraft/iscsi-target: Do not block kGraft in iscsi_np kthread (bsc#1010612).\n- kgraft/xen: Do not block kGraft in xenbus kthread (bsc#1017410).\n- net/mlx5: Avoid passing dma address 0 to firmware (bnc#858727).\n- net/mlx5: Fix typo in mlx5_query_port_pvlc (bnc#923036).\n- net/mlx5e: Do not modify CQ before it was created (bnc#923036).\n- net/mlx5e: Do not try to modify CQ moderation if it is not supported (bnc#923036).\n- net/mlx5e: Fix MLX5E_100BASE_T define (bnc#923036).\n- net/mlx5e: Remove wrong poll CQ optimization (bnc#923036).\n- netback: correct array index (bsc#983348).\n- nfsv4: Cap the transport reconnection timer at 1/2 lease period (bsc#1014410).\n- nfsv4: Cleanup the setting of the nfs4 lease period (bsc#1014410).\n- nfsv4: Fix \u0027NFS Lock reclaim failed\u0027 errors (bsc#1014410).\n- ocfs2: fix BUG_ON() in ocfs2_ci_checkpointed() (bnc#1019783).\n- posix_acl: Fixup acl reference leak and missing conversions in ext3, gfs2, jfs, hfsplus.\n- powerpc/pseries: Use H_CLEAR_HPT to clear MMU hash table during kexec (bsc#1003813).\n- proc: avoid including \u0027mountproto=\u0027 with no protocol in /proc/mounts (bsc#1019260).\n- raid1: ignore discard error (bsc#1017164).\n- reiserfs: fix race in prealloc discard (bsc#987576).\n- rpm/kernel-binary.spec.in: Export a make-stderr.log file (bsc#1012422)\n- rpm/kernel-spec-macros: Fix the check if there is no rebuild counter (bsc#1012060)\n- rpm/kernel-spec-macros: Ignore too high rebuild counter (bsc#1012060)\n- serial: 8250_pci: Detach low-level driver during PCI error recovery (bsc#1013001).\n- sfc: clear napi_hash state when copying channels (bsc#923037).\n- sfc: fix potential stack corruption from running past stat bitmask (bsc#923037).\n- sfc: on MC reset, clear PIO buffer linkage in TXQs (bnc#856380).\n- sunrpc: Enforce an upper limit on the number of cached credentials (bsc#1012917).\n- sunrpc: Fix reconnection timeouts (bsc#1014410).\n- sunrpc: Limit the reconnect backoff timer to the max RPC message timeout (bsc#1014410).\n- target: Make EXTENDED_COPY 0xe4 failure return COPY TARGET DEVICE NOT REACHABLE (bsc#991273).\n- target: add XCOPY target/segment desc sense codes (bsc#991273).\n- target: bounds check XCOPY segment descriptor list (bsc#991273).\n- target: bounds check XCOPY total descriptor list length (bsc#991273).\n- target: check XCOPY segment descriptor CSCD IDs (bsc#1017170).\n- target: check for XCOPY parameter truncation (bsc#991273).\n- target: return UNSUPPORTED TARGET/SEGMENT DESC TYPE CODE sense (bsc#991273).\n- target: simplify XCOPY wwn-\u003ese_dev lookup helper (bsc#991273).\n- target: support XCOPY requests without parameters (bsc#991273).\n- target: use XCOPY TOO MANY TARGET DESCRIPTORS sense (bsc#991273).\n- target: use XCOPY segment descriptor CSCD IDs (bsc#1017170).\n- tg3: Avoid NULL pointer dereference in tg3_io_error_detected() (bsc#921778).\n- tty: Prevent ldisc drivers from re-using stale tty fields (bnc#1010507).\n- x86/apic: Order irq_enter/exit() calls correctly vs. ack_APIC_irq() (bsc#1013479).\n- xen/ftrace/x86: Set ftrace_stub to weak to prevent gcc from using short jumps to it (bsc#984419).\n- xenbus: correctly signal errors from xenstored_local_init() (luckily none so far).\n- xfs: allow lazy sb counter sync during filesystem freeze sequence (bsc#980560).\n- xfs: refactor xlog_recover_process_data() (bsc#1019300).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-RT-12-SP1-2017-202",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_0407-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:0407-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170407-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:0407-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-February/002626.html"
},
{
"category": "self",
"summary": "SUSE Bug 1003813",
"url": "https://bugzilla.suse.com/1003813"
},
{
"category": "self",
"summary": "SUSE Bug 1005666",
"url": "https://bugzilla.suse.com/1005666"
},
{
"category": "self",
"summary": "SUSE Bug 1007197",
"url": "https://bugzilla.suse.com/1007197"
},
{
"category": "self",
"summary": "SUSE Bug 1008557",
"url": "https://bugzilla.suse.com/1008557"
},
{
"category": "self",
"summary": "SUSE Bug 1008567",
"url": "https://bugzilla.suse.com/1008567"
},
{
"category": "self",
"summary": "SUSE Bug 1008831",
"url": "https://bugzilla.suse.com/1008831"
},
{
"category": "self",
"summary": "SUSE Bug 1008833",
"url": "https://bugzilla.suse.com/1008833"
},
{
"category": "self",
"summary": "SUSE Bug 1008876",
"url": "https://bugzilla.suse.com/1008876"
},
{
"category": "self",
"summary": "SUSE Bug 1008979",
"url": "https://bugzilla.suse.com/1008979"
},
{
"category": "self",
"summary": "SUSE Bug 1009062",
"url": "https://bugzilla.suse.com/1009062"
},
{
"category": "self",
"summary": "SUSE Bug 1009969",
"url": "https://bugzilla.suse.com/1009969"
},
{
"category": "self",
"summary": "SUSE Bug 1010040",
"url": "https://bugzilla.suse.com/1010040"
},
{
"category": "self",
"summary": "SUSE Bug 1010213",
"url": "https://bugzilla.suse.com/1010213"
},
{
"category": "self",
"summary": "SUSE Bug 1010294",
"url": "https://bugzilla.suse.com/1010294"
},
{
"category": "self",
"summary": "SUSE Bug 1010475",
"url": "https://bugzilla.suse.com/1010475"
},
{
"category": "self",
"summary": "SUSE Bug 1010478",
"url": "https://bugzilla.suse.com/1010478"
},
{
"category": "self",
"summary": "SUSE Bug 1010501",
"url": "https://bugzilla.suse.com/1010501"
},
{
"category": "self",
"summary": "SUSE Bug 1010502",
"url": "https://bugzilla.suse.com/1010502"
},
{
"category": "self",
"summary": "SUSE Bug 1010507",
"url": "https://bugzilla.suse.com/1010507"
},
{
"category": "self",
"summary": "SUSE Bug 1010612",
"url": "https://bugzilla.suse.com/1010612"
},
{
"category": "self",
"summary": "SUSE Bug 1010711",
"url": "https://bugzilla.suse.com/1010711"
},
{
"category": "self",
"summary": "SUSE Bug 1010716",
"url": "https://bugzilla.suse.com/1010716"
},
{
"category": "self",
"summary": "SUSE Bug 1011685",
"url": "https://bugzilla.suse.com/1011685"
},
{
"category": "self",
"summary": "SUSE Bug 1012060",
"url": "https://bugzilla.suse.com/1012060"
},
{
"category": "self",
"summary": "SUSE Bug 1012422",
"url": "https://bugzilla.suse.com/1012422"
},
{
"category": "self",
"summary": "SUSE Bug 1012754",
"url": "https://bugzilla.suse.com/1012754"
},
{
"category": "self",
"summary": "SUSE Bug 1012917",
"url": "https://bugzilla.suse.com/1012917"
},
{
"category": "self",
"summary": "SUSE Bug 1012985",
"url": "https://bugzilla.suse.com/1012985"
},
{
"category": "self",
"summary": "SUSE Bug 1013001",
"url": "https://bugzilla.suse.com/1013001"
},
{
"category": "self",
"summary": "SUSE Bug 1013038",
"url": "https://bugzilla.suse.com/1013038"
},
{
"category": "self",
"summary": "SUSE Bug 1013479",
"url": "https://bugzilla.suse.com/1013479"
},
{
"category": "self",
"summary": "SUSE Bug 1013531",
"url": "https://bugzilla.suse.com/1013531"
},
{
"category": "self",
"summary": "SUSE Bug 1013533",
"url": "https://bugzilla.suse.com/1013533"
},
{
"category": "self",
"summary": "SUSE Bug 1013540",
"url": "https://bugzilla.suse.com/1013540"
},
{
"category": "self",
"summary": "SUSE Bug 1013604",
"url": "https://bugzilla.suse.com/1013604"
},
{
"category": "self",
"summary": "SUSE Bug 1014410",
"url": "https://bugzilla.suse.com/1014410"
},
{
"category": "self",
"summary": "SUSE Bug 1014746",
"url": "https://bugzilla.suse.com/1014746"
},
{
"category": "self",
"summary": "SUSE Bug 1016713",
"url": "https://bugzilla.suse.com/1016713"
},
{
"category": "self",
"summary": "SUSE Bug 1016725",
"url": "https://bugzilla.suse.com/1016725"
},
{
"category": "self",
"summary": "SUSE Bug 1016961",
"url": "https://bugzilla.suse.com/1016961"
},
{
"category": "self",
"summary": "SUSE Bug 1017164",
"url": "https://bugzilla.suse.com/1017164"
},
{
"category": "self",
"summary": "SUSE Bug 1017170",
"url": "https://bugzilla.suse.com/1017170"
},
{
"category": "self",
"summary": "SUSE Bug 1017410",
"url": "https://bugzilla.suse.com/1017410"
},
{
"category": "self",
"summary": "SUSE Bug 1017710",
"url": "https://bugzilla.suse.com/1017710"
},
{
"category": "self",
"summary": "SUSE Bug 1018100",
"url": "https://bugzilla.suse.com/1018100"
},
{
"category": "self",
"summary": "SUSE Bug 1019032",
"url": "https://bugzilla.suse.com/1019032"
},
{
"category": "self",
"summary": "SUSE Bug 1019148",
"url": "https://bugzilla.suse.com/1019148"
},
{
"category": "self",
"summary": "SUSE Bug 1019260",
"url": "https://bugzilla.suse.com/1019260"
},
{
"category": "self",
"summary": "SUSE Bug 1019300",
"url": "https://bugzilla.suse.com/1019300"
},
{
"category": "self",
"summary": "SUSE Bug 1019783",
"url": "https://bugzilla.suse.com/1019783"
},
{
"category": "self",
"summary": "SUSE Bug 1019851",
"url": "https://bugzilla.suse.com/1019851"
},
{
"category": "self",
"summary": "SUSE Bug 1020214",
"url": "https://bugzilla.suse.com/1020214"
},
{
"category": "self",
"summary": "SUSE Bug 1020602",
"url": "https://bugzilla.suse.com/1020602"
},
{
"category": "self",
"summary": "SUSE Bug 1021258",
"url": "https://bugzilla.suse.com/1021258"
},
{
"category": "self",
"summary": "SUSE Bug 856380",
"url": "https://bugzilla.suse.com/856380"
},
{
"category": "self",
"summary": "SUSE Bug 857394",
"url": "https://bugzilla.suse.com/857394"
},
{
"category": "self",
"summary": "SUSE Bug 858727",
"url": "https://bugzilla.suse.com/858727"
},
{
"category": "self",
"summary": "SUSE Bug 921338",
"url": "https://bugzilla.suse.com/921338"
},
{
"category": "self",
"summary": "SUSE Bug 921778",
"url": "https://bugzilla.suse.com/921778"
},
{
"category": "self",
"summary": "SUSE Bug 922052",
"url": "https://bugzilla.suse.com/922052"
},
{
"category": "self",
"summary": "SUSE Bug 922056",
"url": "https://bugzilla.suse.com/922056"
},
{
"category": "self",
"summary": "SUSE Bug 923036",
"url": "https://bugzilla.suse.com/923036"
},
{
"category": "self",
"summary": "SUSE Bug 923037",
"url": "https://bugzilla.suse.com/923037"
},
{
"category": "self",
"summary": "SUSE Bug 924381",
"url": "https://bugzilla.suse.com/924381"
},
{
"category": "self",
"summary": "SUSE Bug 938963",
"url": "https://bugzilla.suse.com/938963"
},
{
"category": "self",
"summary": "SUSE Bug 972993",
"url": "https://bugzilla.suse.com/972993"
},
{
"category": "self",
"summary": "SUSE Bug 980560",
"url": "https://bugzilla.suse.com/980560"
},
{
"category": "self",
"summary": "SUSE Bug 981709",
"url": "https://bugzilla.suse.com/981709"
},
{
"category": "self",
"summary": "SUSE Bug 983087",
"url": "https://bugzilla.suse.com/983087"
},
{
"category": "self",
"summary": "SUSE Bug 983348",
"url": "https://bugzilla.suse.com/983348"
},
{
"category": "self",
"summary": "SUSE Bug 984194",
"url": "https://bugzilla.suse.com/984194"
},
{
"category": "self",
"summary": "SUSE Bug 984419",
"url": "https://bugzilla.suse.com/984419"
},
{
"category": "self",
"summary": "SUSE Bug 985850",
"url": "https://bugzilla.suse.com/985850"
},
{
"category": "self",
"summary": "SUSE Bug 987192",
"url": "https://bugzilla.suse.com/987192"
},
{
"category": "self",
"summary": "SUSE Bug 987576",
"url": "https://bugzilla.suse.com/987576"
},
{
"category": "self",
"summary": "SUSE Bug 990384",
"url": "https://bugzilla.suse.com/990384"
},
{
"category": "self",
"summary": "SUSE Bug 991273",
"url": "https://bugzilla.suse.com/991273"
},
{
"category": "self",
"summary": "SUSE Bug 993739",
"url": "https://bugzilla.suse.com/993739"
},
{
"category": "self",
"summary": "SUSE Bug 997807",
"url": "https://bugzilla.suse.com/997807"
},
{
"category": "self",
"summary": "SUSE Bug 999101",
"url": "https://bugzilla.suse.com/999101"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8962 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8963 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8963/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8964 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10088 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7910 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7910/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7911 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7913 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7913/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7914 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7914/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8399 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8399/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8632 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8632/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8633 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8633/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8645 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8645/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8655 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8655/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9083 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9084 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9084/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9555 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9576 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9756 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9793 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9794 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9806 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9806/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-2583 page",
"url": "https://www.suse.com/security/cve/CVE-2017-2583/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-2584 page",
"url": "https://www.suse.com/security/cve/CVE-2017-2584/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5551 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5551/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2017-02-06T14:41:53Z",
"generator": {
"date": "2017-02-06T14:41:53Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:0407-1",
"initial_release_date": "2017-02-06T14:41:53Z",
"revision_history": [
{
"date": "2017-02-06T14:41:53Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-3.12.69-60.30.1.noarch",
"product": {
"name": "kernel-devel-rt-3.12.69-60.30.1.noarch",
"product_id": "kernel-devel-rt-3.12.69-60.30.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-3.12.69-60.30.1.noarch",
"product": {
"name": "kernel-source-rt-3.12.69-60.30.1.noarch",
"product_id": "kernel-source-rt-3.12.69-60.30.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-compute-3.12.69-60.30.1.x86_64",
"product": {
"name": "kernel-compute-3.12.69-60.30.1.x86_64",
"product_id": "kernel-compute-3.12.69-60.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-compute-base-3.12.69-60.30.1.x86_64",
"product": {
"name": "kernel-compute-base-3.12.69-60.30.1.x86_64",
"product_id": "kernel-compute-base-3.12.69-60.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-compute-devel-3.12.69-60.30.1.x86_64",
"product": {
"name": "kernel-compute-devel-3.12.69-60.30.1.x86_64",
"product_id": "kernel-compute-devel-3.12.69-60.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"product": {
"name": "kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"product_id": "kernel-compute_debug-devel-3.12.69-60.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-3.12.69-60.30.1.x86_64",
"product": {
"name": "kernel-rt-3.12.69-60.30.1.x86_64",
"product_id": "kernel-rt-3.12.69-60.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-base-3.12.69-60.30.1.x86_64",
"product": {
"name": "kernel-rt-base-3.12.69-60.30.1.x86_64",
"product_id": "kernel-rt-base-3.12.69-60.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-3.12.69-60.30.1.x86_64",
"product": {
"name": "kernel-rt-devel-3.12.69-60.30.1.x86_64",
"product_id": "kernel-rt-devel-3.12.69-60.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"product": {
"name": "kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"product_id": "kernel-rt_debug-devel-3.12.69-60.30.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-3.12.69-60.30.1.x86_64",
"product": {
"name": "kernel-syms-rt-3.12.69-60.30.1.x86_64",
"product_id": "kernel-syms-rt-3.12.69-60.30.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Real Time 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Real Time 12 SP1",
"product_id": "SUSE Linux Enterprise Real Time 12 SP1"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-compute-3.12.69-60.30.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP1",
"product_id": "SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64"
},
"product_reference": "kernel-compute-3.12.69-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-compute-base-3.12.69-60.30.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP1",
"product_id": "SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64"
},
"product_reference": "kernel-compute-base-3.12.69-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-compute-devel-3.12.69-60.30.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP1",
"product_id": "SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64"
},
"product_reference": "kernel-compute-devel-3.12.69-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-compute_debug-devel-3.12.69-60.30.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP1",
"product_id": "SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64"
},
"product_reference": "kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-3.12.69-60.30.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP1",
"product_id": "SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch"
},
"product_reference": "kernel-devel-rt-3.12.69-60.30.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-3.12.69-60.30.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP1",
"product_id": "SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64"
},
"product_reference": "kernel-rt-3.12.69-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-base-3.12.69-60.30.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP1",
"product_id": "SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64"
},
"product_reference": "kernel-rt-base-3.12.69-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-3.12.69-60.30.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP1",
"product_id": "SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64"
},
"product_reference": "kernel-rt-devel-3.12.69-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_debug-devel-3.12.69-60.30.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP1",
"product_id": "SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64"
},
"product_reference": "kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-3.12.69-60.30.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP1",
"product_id": "SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch"
},
"product_reference": "kernel-source-rt-3.12.69-60.30.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-3.12.69-60.30.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP1",
"product_id": "SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
},
"product_reference": "kernel-syms-rt-3.12.69-60.30.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-8962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8962"
}
],
"notes": [
{
"category": "general",
"text": "Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8962",
"url": "https://www.suse.com/security/cve/CVE-2015-8962"
},
{
"category": "external",
"summary": "SUSE Bug 1010501 for CVE-2015-8962",
"url": "https://bugzilla.suse.com/1010501"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2015-8962",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-06T14:41:53Z",
"details": "important"
}
],
"title": "CVE-2015-8962"
},
{
"cve": "CVE-2015-8963",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8963"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in kernel/events/core.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect handling of an swevent data structure during a CPU unplug operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8963",
"url": "https://www.suse.com/security/cve/CVE-2015-8963"
},
{
"category": "external",
"summary": "SUSE Bug 1010502 for CVE-2015-8963",
"url": "https://bugzilla.suse.com/1010502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-06T14:41:53Z",
"details": "important"
}
],
"title": "CVE-2015-8963"
},
{
"cve": "CVE-2015-8964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8964"
}
],
"notes": [
{
"category": "general",
"text": "The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive information from kernel memory by reading a tty data structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8964",
"url": "https://www.suse.com/security/cve/CVE-2015-8964"
},
{
"category": "external",
"summary": "SUSE Bug 1010507 for CVE-2015-8964",
"url": "https://bugzilla.suse.com/1010507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-06T14:41:53Z",
"details": "low"
}
],
"title": "CVE-2015-8964"
},
{
"cve": "CVE-2016-10088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10088"
}
],
"notes": [
{
"category": "general",
"text": "The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10088",
"url": "https://www.suse.com/security/cve/CVE-2016-10088"
},
{
"category": "external",
"summary": "SUSE Bug 1013604 for CVE-2016-10088",
"url": "https://bugzilla.suse.com/1013604"
},
{
"category": "external",
"summary": "SUSE Bug 1014271 for CVE-2016-10088",
"url": "https://bugzilla.suse.com/1014271"
},
{
"category": "external",
"summary": "SUSE Bug 1017710 for CVE-2016-10088",
"url": "https://bugzilla.suse.com/1017710"
},
{
"category": "external",
"summary": "SUSE Bug 1019079 for CVE-2016-10088",
"url": "https://bugzilla.suse.com/1019079"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-10088",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-06T14:41:53Z",
"details": "important"
}
],
"title": "CVE-2016-10088"
},
{
"cve": "CVE-2016-7910",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7910"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7910",
"url": "https://www.suse.com/security/cve/CVE-2016-7910"
},
{
"category": "external",
"summary": "SUSE Bug 1010716 for CVE-2016-7910",
"url": "https://bugzilla.suse.com/1010716"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-7910",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 1196722 for CVE-2016-7910",
"url": "https://bugzilla.suse.com/1196722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-06T14:41:53Z",
"details": "important"
}
],
"title": "CVE-2016-7910"
},
{
"cve": "CVE-2016-7911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7911"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7911",
"url": "https://www.suse.com/security/cve/CVE-2016-7911"
},
{
"category": "external",
"summary": "SUSE Bug 1010711 for CVE-2016-7911",
"url": "https://bugzilla.suse.com/1010711"
},
{
"category": "external",
"summary": "SUSE Bug 1010713 for CVE-2016-7911",
"url": "https://bugzilla.suse.com/1010713"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-7911",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-06T14:41:53Z",
"details": "moderate"
}
],
"title": "CVE-2016-7911"
},
{
"cve": "CVE-2016-7913",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7913"
}
],
"notes": [
{
"category": "general",
"text": "The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7913",
"url": "https://www.suse.com/security/cve/CVE-2016-7913"
},
{
"category": "external",
"summary": "SUSE Bug 1010478 for CVE-2016-7913",
"url": "https://bugzilla.suse.com/1010478"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-06T14:41:53Z",
"details": "important"
}
],
"title": "CVE-2016-7913"
},
{
"cve": "CVE-2016-7914",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7914"
}
],
"notes": [
{
"category": "general",
"text": "The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.5.3 does not check whether a slot is a leaf, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and out-of-bounds read) via an application that uses associative-array data structures, as demonstrated by the keyutils test suite.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7914",
"url": "https://www.suse.com/security/cve/CVE-2016-7914"
},
{
"category": "external",
"summary": "SUSE Bug 1010475 for CVE-2016-7914",
"url": "https://bugzilla.suse.com/1010475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-06T14:41:53Z",
"details": "moderate"
}
],
"title": "CVE-2016-7914"
},
{
"cve": "CVE-2016-8399",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8399"
}
],
"notes": [
{
"category": "general",
"text": "An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31349935.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8399",
"url": "https://www.suse.com/security/cve/CVE-2016-8399"
},
{
"category": "external",
"summary": "SUSE Bug 1014746 for CVE-2016-8399",
"url": "https://bugzilla.suse.com/1014746"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-8399",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-06T14:41:53Z",
"details": "moderate"
}
],
"title": "CVE-2016-8399"
},
{
"cve": "CVE-2016-8632",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8632"
}
],
"notes": [
{
"category": "general",
"text": "The tipc_msg_build function in net/tipc/msg.c in the Linux kernel through 4.8.11 does not validate the relationship between the minimum fragment length and the maximum packet size, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8632",
"url": "https://www.suse.com/security/cve/CVE-2016-8632"
},
{
"category": "external",
"summary": "SUSE Bug 1008831 for CVE-2016-8632",
"url": "https://bugzilla.suse.com/1008831"
},
{
"category": "external",
"summary": "SUSE Bug 1012852 for CVE-2016-8632",
"url": "https://bugzilla.suse.com/1012852"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-8632",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-06T14:41:53Z",
"details": "moderate"
}
],
"title": "CVE-2016-8632"
},
{
"cve": "CVE-2016-8633",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8633"
}
],
"notes": [
{
"category": "general",
"text": "drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8633",
"url": "https://www.suse.com/security/cve/CVE-2016-8633"
},
{
"category": "external",
"summary": "SUSE Bug 1008833 for CVE-2016-8633",
"url": "https://bugzilla.suse.com/1008833"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-06T14:41:53Z",
"details": "moderate"
}
],
"title": "CVE-2016-8633"
},
{
"cve": "CVE-2016-8645",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8645"
}
],
"notes": [
{
"category": "general",
"text": "The TCP stack in the Linux kernel before 4.8.10 mishandles skb truncation, which allows local users to cause a denial of service (system crash) via a crafted application that makes sendto system calls, related to net/ipv4/tcp_ipv4.c and net/ipv6/tcp_ipv6.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8645",
"url": "https://www.suse.com/security/cve/CVE-2016-8645"
},
{
"category": "external",
"summary": "SUSE Bug 1009969 for CVE-2016-8645",
"url": "https://bugzilla.suse.com/1009969"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-06T14:41:53Z",
"details": "moderate"
}
],
"title": "CVE-2016-8645"
},
{
"cve": "CVE-2016-8655",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8655"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in net/packet/af_packet.c in the Linux kernel through 4.8.12 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging the CAP_NET_RAW capability to change a socket version, related to the packet_set_ring and packet_setsockopt functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8655",
"url": "https://www.suse.com/security/cve/CVE-2016-8655"
},
{
"category": "external",
"summary": "SUSE Bug 1012754 for CVE-2016-8655",
"url": "https://bugzilla.suse.com/1012754"
},
{
"category": "external",
"summary": "SUSE Bug 1012759 for CVE-2016-8655",
"url": "https://bugzilla.suse.com/1012759"
},
{
"category": "external",
"summary": "SUSE Bug 1013822 for CVE-2016-8655",
"url": "https://bugzilla.suse.com/1013822"
},
{
"category": "external",
"summary": "SUSE Bug 1052365 for CVE-2016-8655",
"url": "https://bugzilla.suse.com/1052365"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-06T14:41:53Z",
"details": "moderate"
}
],
"title": "CVE-2016-8655"
},
{
"cve": "CVE-2016-9083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9083"
}
],
"notes": [
{
"category": "general",
"text": "drivers/vfio/pci/vfio_pci.c in the Linux kernel through 4.8.11 allows local users to bypass integer overflow checks, and cause a denial of service (memory corruption) or have unspecified other impact, by leveraging access to a vfio PCI device file for a VFIO_DEVICE_SET_IRQS ioctl call, aka a \"state machine confusion bug.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9083",
"url": "https://www.suse.com/security/cve/CVE-2016-9083"
},
{
"category": "external",
"summary": "SUSE Bug 1007197 for CVE-2016-9083",
"url": "https://bugzilla.suse.com/1007197"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-06T14:41:53Z",
"details": "low"
}
],
"title": "CVE-2016-9083"
},
{
"cve": "CVE-2016-9084",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9084"
}
],
"notes": [
{
"category": "general",
"text": "drivers/vfio/pci/vfio_pci_intrs.c in the Linux kernel through 4.8.11 misuses the kzalloc function, which allows local users to cause a denial of service (integer overflow) or have unspecified other impact by leveraging access to a vfio PCI device file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9084",
"url": "https://www.suse.com/security/cve/CVE-2016-9084"
},
{
"category": "external",
"summary": "SUSE Bug 1007197 for CVE-2016-9084",
"url": "https://bugzilla.suse.com/1007197"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-06T14:41:53Z",
"details": "low"
}
],
"title": "CVE-2016-9084"
},
{
"cve": "CVE-2016-9555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9555"
}
],
"notes": [
{
"category": "general",
"text": "The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9555",
"url": "https://www.suse.com/security/cve/CVE-2016-9555"
},
{
"category": "external",
"summary": "SUSE Bug 1011685 for CVE-2016-9555",
"url": "https://bugzilla.suse.com/1011685"
},
{
"category": "external",
"summary": "SUSE Bug 1012183 for CVE-2016-9555",
"url": "https://bugzilla.suse.com/1012183"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-9555",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-06T14:41:53Z",
"details": "moderate"
}
],
"title": "CVE-2016-9555"
},
{
"cve": "CVE-2016-9576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9576"
}
],
"notes": [
{
"category": "general",
"text": "The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9576",
"url": "https://www.suse.com/security/cve/CVE-2016-9576"
},
{
"category": "external",
"summary": "SUSE Bug 1013604 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1013604"
},
{
"category": "external",
"summary": "SUSE Bug 1014271 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1014271"
},
{
"category": "external",
"summary": "SUSE Bug 1017710 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1017710"
},
{
"category": "external",
"summary": "SUSE Bug 1019079 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1019079"
},
{
"category": "external",
"summary": "SUSE Bug 1019668 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1019668"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-06T14:41:53Z",
"details": "important"
}
],
"title": "CVE-2016-9576"
},
{
"cve": "CVE-2016-9756",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9756"
}
],
"notes": [
{
"category": "general",
"text": "arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not properly initialize Code Segment (CS) in certain error cases, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9756",
"url": "https://www.suse.com/security/cve/CVE-2016-9756"
},
{
"category": "external",
"summary": "SUSE Bug 1013038 for CVE-2016-9756",
"url": "https://bugzilla.suse.com/1013038"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-06T14:41:53Z",
"details": "moderate"
}
],
"title": "CVE-2016-9756"
},
{
"cve": "CVE-2016-9793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9793"
}
],
"notes": [
{
"category": "general",
"text": "The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9793",
"url": "https://www.suse.com/security/cve/CVE-2016-9793"
},
{
"category": "external",
"summary": "SUSE Bug 1013531 for CVE-2016-9793",
"url": "https://bugzilla.suse.com/1013531"
},
{
"category": "external",
"summary": "SUSE Bug 1013542 for CVE-2016-9793",
"url": "https://bugzilla.suse.com/1013542"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-9793",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-06T14:41:53Z",
"details": "moderate"
}
],
"title": "CVE-2016-9793"
},
{
"cve": "CVE-2016-9794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9794"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9794",
"url": "https://www.suse.com/security/cve/CVE-2016-9794"
},
{
"category": "external",
"summary": "SUSE Bug 1013533 for CVE-2016-9794",
"url": "https://bugzilla.suse.com/1013533"
},
{
"category": "external",
"summary": "SUSE Bug 1013543 for CVE-2016-9794",
"url": "https://bugzilla.suse.com/1013543"
},
{
"category": "external",
"summary": "SUSE Bug 1013604 for CVE-2016-9794",
"url": "https://bugzilla.suse.com/1013604"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-06T14:41:53Z",
"details": "important"
}
],
"title": "CVE-2016-9794"
},
{
"cve": "CVE-2016-9806",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9806"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the netlink_dump function in net/netlink/af_netlink.c in the Linux kernel before 4.6.3 allows local users to cause a denial of service (double free) or possibly have unspecified other impact via a crafted application that makes sendmsg system calls, leading to a free operation associated with a new dump that started earlier than anticipated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9806",
"url": "https://www.suse.com/security/cve/CVE-2016-9806"
},
{
"category": "external",
"summary": "SUSE Bug 1013540 for CVE-2016-9806",
"url": "https://bugzilla.suse.com/1013540"
},
{
"category": "external",
"summary": "SUSE Bug 1017589 for CVE-2016-9806",
"url": "https://bugzilla.suse.com/1017589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-06T14:41:53Z",
"details": "important"
}
],
"title": "CVE-2016-9806"
},
{
"cve": "CVE-2017-2583",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-2583"
}
],
"notes": [
{
"category": "general",
"text": "The load_segment_descriptor implementation in arch/x86/kvm/emulate.c in the Linux kernel before 4.9.5 improperly emulates a \"MOV SS, NULL selector\" instruction, which allows guest OS users to cause a denial of service (guest OS crash) or gain guest OS privileges via a crafted application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-2583",
"url": "https://www.suse.com/security/cve/CVE-2017-2583"
},
{
"category": "external",
"summary": "SUSE Bug 1020602 for CVE-2017-2583",
"url": "https://bugzilla.suse.com/1020602"
},
{
"category": "external",
"summary": "SUSE Bug 1030573 for CVE-2017-2583",
"url": "https://bugzilla.suse.com/1030573"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-2583",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-06T14:41:53Z",
"details": "moderate"
}
],
"title": "CVE-2017-2583"
},
{
"cve": "CVE-2017-2584",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-2584"
}
],
"notes": [
{
"category": "general",
"text": "arch/x86/kvm/emulate.c in the Linux kernel through 4.9.3 allows local users to obtain sensitive information from kernel memory or cause a denial of service (use-after-free) via a crafted application that leverages instruction emulation for fxrstor, fxsave, sgdt, and sidt.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-2584",
"url": "https://www.suse.com/security/cve/CVE-2017-2584"
},
{
"category": "external",
"summary": "SUSE Bug 1019851 for CVE-2017-2584",
"url": "https://bugzilla.suse.com/1019851"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-2584",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-06T14:41:53Z",
"details": "moderate"
}
],
"title": "CVE-2017-2584"
},
{
"cve": "CVE-2017-5551",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5551"
}
],
"notes": [
{
"category": "general",
"text": "The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-7097.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5551",
"url": "https://www.suse.com/security/cve/CVE-2017-5551"
},
{
"category": "external",
"summary": "SUSE Bug 1021258 for CVE-2017-5551",
"url": "https://bugzilla.suse.com/1021258"
},
{
"category": "external",
"summary": "SUSE Bug 995968 for CVE-2017-5551",
"url": "https://bugzilla.suse.com/995968"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-compute_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-devel-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-base-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-rt_debug-devel-3.12.69-60.30.1.x86_64",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-source-rt-3.12.69-60.30.1.noarch",
"SUSE Linux Enterprise Real Time 12 SP1:kernel-syms-rt-3.12.69-60.30.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-02-06T14:41:53Z",
"details": "moderate"
}
],
"title": "CVE-2017-5551"
}
]
}
SUSE-SU-2017:1102-1
Vulnerability from csaf_suse - Published: 2017-04-25 14:34 - Updated: 2017-04-25 14:34Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SLE-11 SP4 kernel was updated to 3.0.101.rt130-68 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2017-5551: The simple_set_acl function in fs/posix_acl.c in the Linux kernel preserved the setgid bit during
a setxattr call involving a tmpfs filesystem, which allowed local users to gain group privileges by leveraging the
existence of a setgid program with restrictions on execute permissions. NOTE: this vulnerability exists because of
an incomplete fix for CVE-2016-7097 (bnc#1021258).
- CVE-2016-7097: posix_acl: Clear SGID bit when setting file permissions (bsc#995968).
- CVE-2016-10088: The sg implementation in the Linux kernel did not properly restrict write operations in situations
where the KERNEL_DS option is set, which allowed local users to read or write to arbitrary kernel memory locations or
cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and
drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576 (bnc#1017710).
- CVE-2016-5696: TCP, when using a large Window Size, made it easier for remote attackers to guess sequence numbers and
cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet,
especially in protocols that use long-lived connections, such as BGP (bnc#989152).
- CVE-2015-1350: Denial of service in notify_change for filesystem xattrs (bsc#914939).
- CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the Linux kernel did not validate the relationship
between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause
a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability (bnc#1008831).
- CVE-2016-8399: An elevation of privilege vulnerability in the kernel networking subsystem could have enabled a local
malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate
because it first requires compromising a privileged process and current compiler optimizations restrict access to the
vulnerable code. (bnc#1014746).
- CVE-2016-9793: The sock_setsockopt function in net/core/sock.c in the Linux kernel mishandled negative values of
sk_sndbuf and sk_rcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash)
or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system
call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option (bnc#1013531).
- CVE-2012-6704: The sock_setsockopt function in net/core/sock.c in the Linux
kernel mishandled negative values of sk_sndbuf and sk_rcvbuf, which allowed
local users to cause a denial of service (memory corruption and system crash)
or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN
capability for a crafted setsockopt system call with the (1) SO_SNDBUF or (2)
SO_RCVBUF option (bnc#1013542).
- CVE-2016-9756: arch/x86/kvm/emulate.c in the Linux kernel did not properly
initialize Code Segment (CS) in certain error cases, which allowed local users
to obtain sensitive information from kernel stack memory via a crafted
application (bnc#1013038).
- CVE-2016-9576: splice: introduce FMODE_SPLICE_READ and FMODE_SPLICE_WRITE (bsc#1013604)
- CVE-2016-9794: ALSA: pcm : Call kill_fasync() in stream lock (bsc#1013533)
- CVE-2016-3841: KABI workaround for ipv6: add complete rcu protection around np->opt (bsc#992566).
- CVE-2016-9685: Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c
in the Linux kernel allowed local users to cause a denial of service (memory
consumption) via crafted XFS filesystem operations (bnc#1012832).
- CVE-2015-8962: Double free vulnerability in the sg_common_write function in
drivers/scsi/sg.c in the Linux kernel allowed local users to gain privileges or
cause a denial of service (memory corruption and system crash) by detaching a
device during an SG_IO ioctl call (bnc#1010501).
- CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the
Linux kernel lacks chunk-length checking for the first chunk, which allowed
remote attackers to cause a denial of service (out-of-bounds slab access) or
possibly have unspecified other impact via crafted SCTP data (bnc#1011685).
- CVE-2016-7910: Use-after-free vulnerability in the disk_seqf_stop function in
block/genhd.c in the Linux kernel allowed local users to gain privileges by
leveraging the execution of a certain stop operation even if the corresponding
start operation had failed (bnc#1010716).
- CVE-2016-7911: Race condition in the get_task_ioprio function in
block/ioprio.c in the Linux kernel allowed local users to gain privileges or
cause a denial of service (use-after-free) via a crafted ioprio_get system call
(bnc#1010711).
- CVE-2013-6368: The KVM subsystem in the Linux kernel allowed local users to
gain privileges or cause a denial of service (system crash) via a VAPIC
synchronization operation involving a page-end address (bnc#853052).
- CVE-2015-8964: The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c
in the Linux kernel allowed local users to obtain sensitive information from
kernel memory by reading a tty data structure (bnc#1010507).
- CVE-2016-7916: Revert 'proc: prevent accessing /proc/<PID>/environ until it's ready (bsc#1010467)'
- CVE-2016-8646: The hash_accept function in crypto/algif_hash.c in the Linux
kernel allowed local users to cause a denial of service (OOPS) by attempting to
trigger use of in-kernel hash algorithms for a socket that has received zero
bytes of data (bnc#1010150).
- CVE-2016-8633: drivers/firewire/net.c in the Linux kernel before 4.8.7, in
certain unusual hardware configurations, allowed remote attackers to execute
arbitrary code via crafted fragmented packets (bnc#1008833).
- CVE-2016-7042: KEYS: Fix short sprintf buffer in /proc/keys show function (bsc#1004517).
- CVE-2015-8956: Bluetooth: Fix potential NULL dereference in RFCOMM bind callback (bsc#1003925).
- CVE-2016-7117: net: Fix use after free in the recvmmsg exit path (bsc#1003077).
The following non-security bugs were fixed:
- blacklist.conf: 45f13df be2net: Enable Wake-On-LAN from shutdown for Skyhawk
- blacklist.conf: c9cc599 net/mlx4_core: Fix QUERY FUNC CAP flags
- 8250_pci: Fix potential use-after-free in error path (bsc#1013070).
- IB/mlx4: Fix error flow when sending mads under SRIOV (bsc#786036).
- IB/mlx4: Fix incorrect MC join state bit-masking on SR-IOV (bsc#786036).
- IB/mlx4: Fix memory leak if QP creation failed (bsc#786036).
- IB/mlx4: Fix potential deadlock when sending mad to wire (bsc#786036).
- IB/mlx4: Forbid using sysfs to change RoCE pkeys (bsc#786036).
- IB/mlx4: Use correct subnet-prefix in QP1 mads under SR-IOV (bsc#786036).
- apparmor: fix IRQ stack overflow during free_profile (bsc#1009875).
- arch/powerpc: Remove duplicate/redundant Altivec entries (bsc#967716).
- be2net: Do not leak iomapped memory on removal (bug#925065).
- block_dev: do not test bdev->bd_contains when it is not stable (bsc#1008557).
- bna: Add synchronization for tx ring (bsc#993739).
- bnx2x: Correct ringparam estimate when DOWN (bsc#1020214).
- bnx2x: fix lockdep splat (bsc#908684).
- cifs: revert fs/cifs: fix wrongly prefixed path to root (bsc#963655)
- config.conf: add bigmem flavour on ppc64
- cpumask, nodemask: implement cpumask/nodemask_pr_args() (bnc1003866).
- cpumask_set_cpu_local_first => cpumask_local_spread, lament (bug#919382).
- crypto: add ghash-generic in the supported.conf(bsc#1016824)
- crypto: aesni - Add support for 192 & 256 bit keys to AESNI RFC4106 (bsc#913387, #bsc1016831).
- dm space map metadata: fix sm_bootstrap_get_nr_blocks()
- dm thin: fix race condition when destroying thin pool workqueue
- dm: do not call dm_sync_table() when creating new devices (bnc#901809, bsc#1008893).
- drm/mgag200: Added support for the new deviceID for G200eW3 (bnc#1019348)
- ext3: Avoid premature failure of ext3_has_free_blocks() (bsc#1016668).
- ext4: do not leave i_crtime.tv_sec uninitialized (bsc#1013018).
- ext4: fix reference counting bug on block allocation error (bsc#1013018).
- fs/cifs: Compare prepaths when comparing superblocks (bsc#799133).
- fs/cifs: Fix memory leaks in cifs_do_mount() (bsc#799133).
- fs/cifs: Fix regression which breaks DFS mounting (bsc#799133).
- fs/cifs: Move check for prefix path to within cifs_get_root() (bsc#799133).
- fs/cifs: cifs_get_root shouldn't use path with tree name (bsc#963655, bsc#979681).
- fs/cifs: make share unaccessible at root level mountable (bsc#799133).
- futex: Acknowledge a new waiter in counter before plist (bsc#851603).
- futex: Drop refcount if requeue_pi() acquired the rtmutex (bsc#851603).
- hpilo: Add support for iLO5 (bsc#999101).
- hv: do not lose pending heartbeat vmbus packets (bnc#1006919).
- hv: vmbus: avoid scheduling in interrupt context in vmbus_initiate_unload() (bnc#986337).
- hv: vmbus: avoid wait_for_completion() on crash (bnc#986337).
- hv: vmbus: do not loose HVMSG_TIMER_EXPIRED messages (bnc#986337).
- hv: vmbus: do not send CHANNELMSG_UNLOAD on pre-Win2012R2 hosts (bnc#986337).
- hv: vmbus: handle various crash scenarios (bnc#986337).
- hv: vmbus: remove code duplication in message handling (bnc#986337).
- hv: vss: run only on supported host versions (bnc#986337).
- i40e: fix an uninitialized variable bug (bsc#909484).
- ibmveth: calculate gso_segs for large packets (bsc#1019165, bsc#1019148).
- ibmveth: set correct gso_size and gso_type (bsc#1019165, bsc#1019148).
- igb: Enable SR-IOV configuration via PCI sysfs interface (bsc#909491).
- igb: Fix NULL assignment to incorrect variable in igb_reset_q_vector (bsc#795297).
- igb: Fix oops caused by missing queue pairing (bsc#909491).
- igb: Fix oops on changing number of rings (bsc#909491).
- igb: Remove unnecessary flag setting in igb_set_flag_queue_pairs() (bsc#909491).
- igb: Unpair the queues when changing the number of queues (bsc#909491).
- ipv6: replacing a rt6_info needs to purge possible propagated rt6_infos too (bsc#865783).
- kabi-fix for flock_owner addition (bsc#998689).
- kexec: add a kexec_crash_loaded() function (bsc#973691).
- kvm: APIC: avoid instruction emulation for EOI writes (bsc#989680).
- kvm: Distangle eventfd code from irqchip (bsc#989680).
- kvm: Iterate over only vcpus that are preempted (bsc#989680).
- kvm: Record the preemption status of vcpus using preempt notifiers (bsc#989680).
- kvm: VMX: Pass vcpu to __vmx_complete_interrupts (bsc#989680).
- kvm: fold kvm_pit_timer into kvm_kpit_state (bsc#989680).
- kvm: make processes waiting on vcpu mutex killable (bsc#989680).
- kvm: nVMX: Add preemption timer support (bsc#989680).
- kvm: remove a wrong hack of delivery PIT intr to vcpu0 (bsc#989680).
- kvm: use symbolic constant for nr interrupts (bsc#989680).
- kvm: x86: Remove support for reporting coalesced APIC IRQs (bsc#989680).
- kvm: x86: Run PIT work in own kthread (bsc#989680).
- kvm: x86: limit difference between kvmclock updates (bsc#989680).
- kvm: x86: only channel 0 of the i8254 is linked to the HPET (bsc#960689).
- lib/vsprintf: implement bitmap printing through '%*pb[l]' (bnc#1003866).
- libata: introduce ata_host->n_tags to avoid oops on SAS controllers (bsc#871728).
- libata: remove n_tags to avoid kABI breakage (bsc#871728).
- libata: support the ata host which implements a queue depth less than 32 (bsc#871728)
- libfc: Do not take rdata->rp_mutex when processing a -FC_EX_CLOSED ELS response (bsc#962846).
- libfc: Fixup disc_mutex handling (bsc#962846).
- libfc: Issue PRLI after a PRLO has been received (bsc#962846).
- libfc: Revisit kref handling (bnc#990245).
- libfc: Update rport reference counting (bsc#953233).
- libfc: do not send ABTS when resetting exchanges (bsc#962846).
- libfc: fixup locking of ptp_setup() (bsc#962846).
- libfc: reset exchange manager during LOGO handling (bsc#962846).
- libfc: send LOGO for PLOGI failure (bsc#962846).
- locking/mutex: Explicitly mark task as running after wakeup (bsc#1012411).
- md/raid10: Fix memory leak when raid10 reshape completes
- md/raid10: always set reshape_safe when initializing reshape_position
- md: Drop sending a change uevent when stopping (bsc#1003568).
- md: check command validity early in md_ioctl() (bsc#1004520).
- md: fix problem when adding device to read-only array with bitmap (bnc#771065).
- memstick: mspro_block: add missing curly braces (bsc#1016688).
- mlx4: add missing braces in verify_qp_parameters (bsc#786036).
- mm, vmscan: Do not wait for page writeback for GFP_NOFS allocations (bnc#763198).
- mm/memory.c: actually remap enough memory (bnc#1005903).
- mm/memory_hotplug.c: check for missing sections in test_pages_in_a_zone() (bnc#961589).
- mm: fix crashes from mbind() merging vmas (bnc#1005877).
- mm: fix sleeping function warning from __put_anon_vma (bnc#1005857).
- dcache: move the call of __d_drop(anon) into __d_materialise_unique(dentry, anon) (bsc#984194).
- mpi: Fix NULL ptr dereference in mpi_powm() [ver #3] (bsc#1011820).
- mremap: enforce rmap src/dst vma ordering in case of vma_merge() succeeding in copy_vma() (bsc#1008645).
- mshyperv: fix recognition of Hyper-V guest crash MSR's (bnc#986337).
- net/mlx4: Copy/set only sizeof struct mlx4_eqe bytes (bsc#786036).
- net/mlx4_core: Allow resetting VF admin mac to zero (bsc#919382).
- net/mlx4_core: Avoid returning success in case of an error flow (bsc#786036).
- net/mlx4_core: Do not BUG_ON during reset when PCI is offline (bsc#924708).
- net/mlx4_core: Do not access comm channel if it has not yet been initialized (bsc#924708 bsc#786036).
- net/mlx4_core: Fix error message deprecation for ConnectX-2 cards (bug#919382).
- net/mlx4_core: Fix the resource-type enum in res tracker to conform to FW spec (bsc#786036).
- net/mlx4_core: Implement pci_resume callback (bsc#924708).
- net/mlx4_core: Update the HCA core clock frequency after INIT_PORT (bug#919382).
- net/mlx4_en: Choose time-stamping shift value according to HW frequency (bsc#919382).
- net/mlx4_en: Fix HW timestamp init issue upon system startup (bsc#919382).
- net/mlx4_en: Fix potential deadlock in port statistics flow (bsc#786036).
- net/mlx4_en: Move filters cleanup to a proper location (bsc#786036).
- net/mlx4_en: Remove dependency between timestamping capability and service_task (bsc#919382).
- net/mlx4_en: fix spurious timestamping callbacks (bsc#919382).
- netfilter: ipv4: defrag: set local_df flag on defragmented skb (bsc#907611).
- netfront: do not truncate grant references.
- netvsc: fix incorrect receive checksum offloading (bnc#1006917).
- nfs4: reset states to use open_stateid when returning delegation voluntarily (bsc#1007944).
- nfs: Fix an LOCK/OPEN race when unlinking an open file (bsc#956514).
- nfsv4.1: Fix an NFSv4.1 state renewal regression (bnc#863873).
- nfsv4: Cap the transport reconnection timer at 1/2 lease period (bsc#1014410).
- nfsv4: Cleanup the setting of the nfs4 lease period (bsc#1014410).
- nfsv4: Handle timeouts correctly when probing for lease validity (bsc#1014410).
- nfsv4: add flock_owner to open context (bnc#998689).
- nfsv4: change nfs4_do_setattr to take an open_context instead of a nfs4_state (bnc#998689).
- nfsv4: change nfs4_select_rw_stateid to take a lock_context inplace of lock_owner (bnc#998689).
- nfsv4: enhance nfs4_copy_lock_stateid to use a flock stateid if there is one (bnc#998689).
- nvme: Automatic namespace rescan (bsc#1017686).
- nvme: Metadata format support (bsc#1017686).
- ocfs2: fix BUG_ON() in ocfs2_ci_checkpointed() (bnc#1019783).
- oom: print nodemask in the oom report (bnc#1003866).
- pci_ids: Add PCI device ID functions 3 and 4 for newer F15h models
- pm / hibernate: Fix rtree_next_node() to avoid walking off list ends (bnc#860441).
- posix-timers: Remove remaining uses of tasklist_lock (bnc#997401).
- posix-timers: Use sighand lock instead of tasklist_lock for task clock sample (bnc#997401).
- posix-timers: Use sighand lock instead of tasklist_lock on timer deletion (bnc#997401).
- powerpc/64: Fix incorrect return value from __copy_tofrom_user (bsc#1005896).
- powerpc/MSI: Fix race condition in tearing down MSI interrupts (bsc#1010201, [2016-10-04] Pending Base Kernel Fixes).
- powerpc/mm/hash64: Fix subpage protection with 4K HPTE config (bsc#1010201, [2016-10-04] Pending Base Kernel Fixes).
- powerpc/mm: Add 64TB support (bsc#928138,fate#319026).
- powerpc/mm: Change the swap encoding in pte (bsc#973203).
- powerpc/mm: Convert virtual address to vpn (bsc#928138,fate#319026).
- powerpc/mm: Fix hash computation function (bsc#928138,fate#319026).
- powerpc/mm: Increase the slice range to 64TB (bsc#928138,fate#319026).
- powerpc/mm: Make KERN_VIRT_SIZE not dependend on PGTABLE_RANGE (bsc#928138,fate#319026).
- powerpc/mm: Make some of the PGTABLE_RANGE dependency explicit (bsc#928138,fate#319026).
- powerpc/mm: Replace open coded CONTEXT_BITS value (bsc#928138,fate#319026).
- powerpc/mm: Simplify hpte_decode (bsc#928138,fate#319026).
- powerpc/mm: Update VSID allocation documentation (bsc#928138,fate#319026).
- powerpc/mm: Use 32bit array for slb cache (bsc#928138,fate#319026).
- powerpc/mm: Use hpt_va to compute virtual address (bsc#928138,fate#319026).
- powerpc/mm: Use the required number of VSID bits in slbmte (bsc#928138,fate#319026).
- powerpc/numa: Fix multiple bugs in memory_hotplug_max() (bsc#1010201, [2016-10-04] Pending Base Kernel Fixes).
- powerpc/pseries: Use H_CLEAR_HPT to clear MMU hash table during kexec (bsc#1003813).
- powerpc: Add ability to build little endian kernels (bsc#967716).
- powerpc: Avoid load of static chain register when calling nested functions through a pointer on 64bit (bsc#967716).
- powerpc: Build fix for powerpc KVM (bsc#928138,fate#319026).
- powerpc: Do not build assembly files with ABIv2 (bsc#967716).
- powerpc: Do not use ELFv2 ABI to build the kernel (bsc#967716).
- powerpc: Fix 64 bit builds with binutils 2.24 (bsc#967716).
- powerpc: Fix error when cross building TAGS & cscope (bsc#967716).
- powerpc: Make VSID_BITS* dependency explicit (bsc#928138,fate#319026).
- powerpc: Make the vdso32 also build big-endian (bsc#967716).
- powerpc: Move kdump default base address to half RMO size on 64bit (bsc#1003344).
- powerpc: Remove altivec fix for gcc versions before 4.0 (bsc#967716).
- powerpc: Remove buggy 9-year-old test for binutils < 2.12.1 (bsc#967716).
- powerpc: Rename USER_ESID_BITS* to ESID_BITS* (bsc#928138,fate#319026).
- powerpc: Require gcc 4.0 on 64-bit (bsc#967716).
- powerpc: Update kernel VSID range (bsc#928138,fate#319026).
- powerpc: blacklist fixes for unsupported subarchitectures ppc32 only: 6e0fdf9af216 powerpc: fix typo 'CONFIG_PMAC'
obscure hardware: f7e9e3583625 powerpc: Fix missing L2 cache size in /sys/devices/system/cpu
- powerpc: dtc is required to build dtb files (bsc#967716).
- powerpc: fix typo 'CONFIG_PPC_CPU' (bsc#1010201, [2016-10-04] Pending Base Kernel Fixes).
- powerpc: scan_features() updates incorrect bits for REAL_LE (bsc#1010201, [2016-10-04] Pending Base Kernel Fixes).
- printk/sched: Introduce special printk_sched() for those awkward (bsc#1013042, bsc#996541, bsc#1015878).
- ptrace: __ptrace_may_access() should not deny sub-threads (bsc#1012851).
- qlcnic: fix a loop exit condition better (bsc#909350).
- qlcnic: fix a timeout loop (bsc#909350)
- qlcnic: use the correct ring in qlcnic_83xx_process_rcv_ring_diag() (bnc#800999).
- reiserfs: fix race in prealloc discard (bsc#987576).
- rpm/constraints.in: Bump ppc64 disk requirements to fix OBS builds again
- rpm/kernel-binary.spec.in: Export a make-stderr.log file (bsc#1012422)
- rpm/package-descriptions: add -bigmem description
- rt2x00: fix rfkill regression on rt2500pci (bnc#748806).
- s390/cio: fix accidental interrupt enabling during resume (bnc#1003677, LTC#147606).
- s390/time: LPAR offset handling (bnc#1003677, LTC#146920).
- s390/time: move PTFF definitions (bnc#1003677, LTC#146920).
- scsi: lpfc: Set elsiocb contexts to NULL after freeing it (bsc#996557).
- scsi: lpfc: avoid double free of resource identifiers (bsc#989896).
- scsi: zfcp: spin_lock_irqsave() is not nestable (bsc#1003677,LTC#147374).
- scsi_error: count medium access timeout only once per EH run (bsc#993832).
- scsi_error: fixup crash in scsi_eh_reset (bsc#993832)
- serial: 8250_pci: Detach low-level driver during PCI error recovery (bsc#1013070).
- sfc: on MC reset, clear PIO buffer linkage in TXQs (bsc#909618).
- softirq: sirq threads raising another sirq delegate to the proper thread Otherwise, high priority timer threads expend
cycles precessing other sirqs, potentially increasing wakeup latencies as thes process sirqs at a priority other than
the priority specified by the user.
- sunrpc/cache: drop reference when sunrpc_cache_pipe_upcall() detects a race (bnc#803320).
- sunrpc: Enforce an upper limit on the number of cached credentials (bsc#1012917).
- sunrpc: Fix reconnection timeouts (bsc#1014410).
- sunrpc: Fix two issues with drop_caches and the sunrpc auth cache (bsc#1012917).
- sunrpc: Limit the reconnect backoff timer to the max RPC message timeout (bsc#1014410).
- tcp: fix inet6_csk_route_req() for link-local addresses (bsc#1010175).
- tcp: pass fl6 to inet6_csk_route_req() (bsc#1010175).
- tcp: plug dst leak in tcp_v6_conn_request() (bsc#1010175).
- tcp: use inet6_csk_route_req() in tcp_v6_send_synack() (bsc#1010175).
- tg3: Avoid NULL pointer dereference in tg3_io_error_detected() (bsc#908458).
- tg3: Fix temperature reporting (bnc#790588).
- tty: Signal SIGHUP before hanging up ldisc (bnc#989764).
- usb: console: fix potential use after free (bsc#1015817).
- usb: console: fix uninitialised ldisc semaphore (bsc#1015817).
- usb: cp210x: Corrected USB request type definitions (bsc#1015932).
- usb: cp210x: relocate private data from USB interface to port (bsc#1015932).
- usb: cp210x: work around cp2108 GET_LINE_CTL bug (bsc#1015932).
- usb: ftdi_sio: fix null deref at port probe (bsc#1015796).
- usb: hub: Fix auto-remount of safely removed or ejected USB-3 devices (bsc#922634).
- usb: hub: Fix unbalanced reference count/memory leak/deadlocks (bsc#968010).
- usb: ipaq.c: fix a timeout loop (bsc#1015848).
- usb: opticon: fix non-atomic allocation in write path (bsc#1015803).
- usb: option: fix runtime PM handling (bsc#1015752).
- usb: serial: cp210x: add 16-bit register access functions (bsc#1015932).
- usb: serial: cp210x: add 8-bit and 32-bit register access functions (bsc#1015932).
- usb: serial: cp210x: add new access functions for large registers (bsc#1015932).
- usb: serial: cp210x: fix hardware flow-control disable (bsc#1015932).
- usb: serial: fix potential use-after-free after failed probe (bsc#1015828).
- usb: serial: io_edgeport: fix memory leaks in attach error path (bsc#1016505).
- usb: serial: io_edgeport: fix memory leaks in probe error path (bsc#1016505).
- usb: serial: keyspan: fix use-after-free in probe error path (bsc#1016520).
- usb: sierra: fix AA deadlock in open error path (bsc#1015561).
- usb: sierra: fix remote wakeup (bsc#1015561).
- usb: sierra: fix urb and memory leak in resume error path (bsc#1015561).
- usb: sierra: fix urb and memory leak on disconnect (bsc#1015561).
- usb: sierra: fix use after free at suspend/resume (bsc#1015561).
- usb: usb_wwan: fix potential blocked I/O after resume (bsc#1015760).
- usb: usb_wwan: fix race between write and resume (bsc#1015760).
- usb: usb_wwan: fix urb leak at shutdown (bsc#1015760).
- usb: usb_wwan: fix urb leak in write error path (bsc#1015760).
- usb: usb_wwan: fix write and suspend race (bsc#1015760).
- usbhid: add ATEN CS962 to list of quirky devices (bsc#1007615).
- usblp: do not set TASK_INTERRUPTIBLE before lock (bsc#1015844).
- vmxnet3: Wake queue from reset work (bsc#999907).
- x86, amd_nb: Clarify F15h, model 30h GART and L3 support
- x86/MCE/intel: Cleanup CMCI storm logic (bsc#929141).
- x86/asm/traps: Disable tracing and kprobes in fixup_bad_iret and sync_regs (bsc#909077).
- x86/cpu/amd: Set X86_FEATURE_EXTD_APICID for future processors
- x86/gart: Check for GART support before accessing GART registers
- xenbus: do not invoke ->is_ready() for most device states (bsc#987333).
- zcrypt: Fix hang condition on crypto card config-off (bsc#1016320).
- zcrypt: Fix invalid domain response handling (bsc#1016320).
- zfcp: Fix erratic device offline during EH (bsc#993832).
- zfcp: close window with unblocked rport during rport gone (bnc#1003677).
- zfcp: fix D_ID field with actual value on tracing SAN responses (bnc#1003677).
- zfcp: fix ELS/GS request&response length for hardware data router (bnc#1003677).
- zfcp: fix payload trace length for SAN request&response (bnc#1003677).
- zfcp: restore tracing of handle for port and LUN with HBA records (bnc#1003677).
- zfcp: restore: Dont use 0 to indicate invalid LUN in rec trace (bnc#1003677).
- zfcp: retain trace level for SCSI and HBA FSF response records (bnc#1003677).
- zfcp: trace full payload of all SAN records (req,resp,iels) (bnc#1003677).
- zfcp: trace on request for open and close of WKA port (bnc#1003677).
Patchnames: slertesp4-kernel-13074
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
6.7 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.1 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.3 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.8 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4.4 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
8.1 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.8 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.5 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
4.1 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.4 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
269 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SLE-11 SP4 kernel was updated to 3.0.101.rt130-68 to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2017-5551: The simple_set_acl function in fs/posix_acl.c in the Linux kernel preserved the setgid bit during\n a setxattr call involving a tmpfs filesystem, which allowed local users to gain group privileges by leveraging the\n existence of a setgid program with restrictions on execute permissions. NOTE: this vulnerability exists because of\n an incomplete fix for CVE-2016-7097 (bnc#1021258).\n- CVE-2016-7097: posix_acl: Clear SGID bit when setting file permissions (bsc#995968).\n- CVE-2016-10088: The sg implementation in the Linux kernel did not properly restrict write operations in situations\n where the KERNEL_DS option is set, which allowed local users to read or write to arbitrary kernel memory locations or\n cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and \n drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576 (bnc#1017710).\n- CVE-2016-5696: TCP, when using a large Window Size, made it easier for remote attackers to guess sequence numbers and\n cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet,\n especially in protocols that use long-lived connections, such as BGP (bnc#989152).\n- CVE-2015-1350: Denial of service in notify_change for filesystem xattrs (bsc#914939).\n- CVE-2016-8632: The tipc_msg_build function in net/tipc/msg.c in the Linux kernel did not validate the relationship\n between the minimum fragment length and the maximum packet size, which allowed local users to gain privileges or cause\n a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability (bnc#1008831).\n- CVE-2016-8399: An elevation of privilege vulnerability in the kernel networking subsystem could have enabled a local\n malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate\n because it first requires compromising a privileged process and current compiler optimizations restrict access to the\n vulnerable code. (bnc#1014746).\n- CVE-2016-9793: The sock_setsockopt function in net/core/sock.c in the Linux kernel mishandled negative values of \n sk_sndbuf and sk_rcvbuf, which allowed local users to cause a denial of service (memory corruption and system crash)\n or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system\n call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option (bnc#1013531).\n- CVE-2012-6704: The sock_setsockopt function in net/core/sock.c in the Linux\n kernel mishandled negative values of sk_sndbuf and sk_rcvbuf, which allowed\n local users to cause a denial of service (memory corruption and system crash)\n or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN\n capability for a crafted setsockopt system call with the (1) SO_SNDBUF or (2)\n SO_RCVBUF option (bnc#1013542).\n- CVE-2016-9756: arch/x86/kvm/emulate.c in the Linux kernel did not properly\n initialize Code Segment (CS) in certain error cases, which allowed local users\n to obtain sensitive information from kernel stack memory via a crafted\n application (bnc#1013038).\n- CVE-2016-9576: splice: introduce FMODE_SPLICE_READ and FMODE_SPLICE_WRITE (bsc#1013604)\n- CVE-2016-9794: ALSA: pcm : Call kill_fasync() in stream lock (bsc#1013533)\n- CVE-2016-3841: KABI workaround for ipv6: add complete rcu protection around np-\u003eopt (bsc#992566).\n- CVE-2016-9685: Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c\n in the Linux kernel allowed local users to cause a denial of service (memory\n consumption) via crafted XFS filesystem operations (bnc#1012832).\n- CVE-2015-8962: Double free vulnerability in the sg_common_write function in\n drivers/scsi/sg.c in the Linux kernel allowed local users to gain privileges or\n cause a denial of service (memory corruption and system crash) by detaching a\n device during an SG_IO ioctl call (bnc#1010501).\n- CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the\n Linux kernel lacks chunk-length checking for the first chunk, which allowed\n remote attackers to cause a denial of service (out-of-bounds slab access) or\n possibly have unspecified other impact via crafted SCTP data (bnc#1011685).\n - CVE-2016-7910: Use-after-free vulnerability in the disk_seqf_stop function in\n block/genhd.c in the Linux kernel allowed local users to gain privileges by\n leveraging the execution of a certain stop operation even if the corresponding\n start operation had failed (bnc#1010716).\n- CVE-2016-7911: Race condition in the get_task_ioprio function in\n block/ioprio.c in the Linux kernel allowed local users to gain privileges or\n cause a denial of service (use-after-free) via a crafted ioprio_get system call\n (bnc#1010711).\n- CVE-2013-6368: The KVM subsystem in the Linux kernel allowed local users to\n gain privileges or cause a denial of service (system crash) via a VAPIC\n synchronization operation involving a page-end address (bnc#853052).\n- CVE-2015-8964: The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c\n in the Linux kernel allowed local users to obtain sensitive information from\n kernel memory by reading a tty data structure (bnc#1010507).\n- CVE-2016-7916: Revert \u0027proc: prevent accessing /proc/\u003cPID\u003e/environ until it\u0027s ready (bsc#1010467)\u0027\n- CVE-2016-8646: The hash_accept function in crypto/algif_hash.c in the Linux\n kernel allowed local users to cause a denial of service (OOPS) by attempting to\n trigger use of in-kernel hash algorithms for a socket that has received zero\n bytes of data (bnc#1010150).\n- CVE-2016-8633: drivers/firewire/net.c in the Linux kernel before 4.8.7, in\n certain unusual hardware configurations, allowed remote attackers to execute\n arbitrary code via crafted fragmented packets (bnc#1008833).\n- CVE-2016-7042: KEYS: Fix short sprintf buffer in /proc/keys show function (bsc#1004517).\n- CVE-2015-8956: Bluetooth: Fix potential NULL dereference in RFCOMM bind callback (bsc#1003925).\n- CVE-2016-7117: net: Fix use after free in the recvmmsg exit path (bsc#1003077).\n\nThe following non-security bugs were fixed:\n\n- blacklist.conf: 45f13df be2net: Enable Wake-On-LAN from shutdown for Skyhawk\n- blacklist.conf: c9cc599 net/mlx4_core: Fix QUERY FUNC CAP flags\n\n- 8250_pci: Fix potential use-after-free in error path (bsc#1013070).\n- IB/mlx4: Fix error flow when sending mads under SRIOV (bsc#786036).\n- IB/mlx4: Fix incorrect MC join state bit-masking on SR-IOV (bsc#786036).\n- IB/mlx4: Fix memory leak if QP creation failed (bsc#786036).\n- IB/mlx4: Fix potential deadlock when sending mad to wire (bsc#786036).\n- IB/mlx4: Forbid using sysfs to change RoCE pkeys (bsc#786036).\n- IB/mlx4: Use correct subnet-prefix in QP1 mads under SR-IOV (bsc#786036).\n- apparmor: fix IRQ stack overflow during free_profile (bsc#1009875).\n- arch/powerpc: Remove duplicate/redundant Altivec entries (bsc#967716).\n- be2net: Do not leak iomapped memory on removal (bug#925065).\n- block_dev: do not test bdev-\u003ebd_contains when it is not stable (bsc#1008557).\n- bna: Add synchronization for tx ring (bsc#993739).\n- bnx2x: Correct ringparam estimate when DOWN (bsc#1020214).\n- bnx2x: fix lockdep splat (bsc#908684).\n- cifs: revert fs/cifs: fix wrongly prefixed path to root (bsc#963655)\n- config.conf: add bigmem flavour on ppc64\n- cpumask, nodemask: implement cpumask/nodemask_pr_args() (bnc1003866).\n- cpumask_set_cpu_local_first =\u003e cpumask_local_spread, lament (bug#919382).\n- crypto: add ghash-generic in the supported.conf(bsc#1016824)\n- crypto: aesni - Add support for 192 \u0026 256 bit keys to AESNI RFC4106 (bsc#913387, #bsc1016831).\n- dm space map metadata: fix sm_bootstrap_get_nr_blocks()\n- dm thin: fix race condition when destroying thin pool workqueue\n- dm: do not call dm_sync_table() when creating new devices (bnc#901809, bsc#1008893).\n- drm/mgag200: Added support for the new deviceID for G200eW3 (bnc#1019348)\n- ext3: Avoid premature failure of ext3_has_free_blocks() (bsc#1016668).\n- ext4: do not leave i_crtime.tv_sec uninitialized (bsc#1013018).\n- ext4: fix reference counting bug on block allocation error (bsc#1013018).\n- fs/cifs: Compare prepaths when comparing superblocks (bsc#799133).\n- fs/cifs: Fix memory leaks in cifs_do_mount() (bsc#799133).\n- fs/cifs: Fix regression which breaks DFS mounting (bsc#799133).\n- fs/cifs: Move check for prefix path to within cifs_get_root() (bsc#799133).\n- fs/cifs: cifs_get_root shouldn\u0027t use path with tree name (bsc#963655, bsc#979681).\n- fs/cifs: make share unaccessible at root level mountable (bsc#799133).\n- futex: Acknowledge a new waiter in counter before plist (bsc#851603).\n- futex: Drop refcount if requeue_pi() acquired the rtmutex (bsc#851603).\n- hpilo: Add support for iLO5 (bsc#999101).\n- hv: do not lose pending heartbeat vmbus packets (bnc#1006919).\n- hv: vmbus: avoid scheduling in interrupt context in vmbus_initiate_unload() (bnc#986337).\n- hv: vmbus: avoid wait_for_completion() on crash (bnc#986337).\n- hv: vmbus: do not loose HVMSG_TIMER_EXPIRED messages (bnc#986337).\n- hv: vmbus: do not send CHANNELMSG_UNLOAD on pre-Win2012R2 hosts (bnc#986337).\n- hv: vmbus: handle various crash scenarios (bnc#986337).\n- hv: vmbus: remove code duplication in message handling (bnc#986337).\n- hv: vss: run only on supported host versions (bnc#986337).\n- i40e: fix an uninitialized variable bug (bsc#909484).\n- ibmveth: calculate gso_segs for large packets (bsc#1019165, bsc#1019148).\n- ibmveth: set correct gso_size and gso_type (bsc#1019165, bsc#1019148).\n- igb: Enable SR-IOV configuration via PCI sysfs interface (bsc#909491).\n- igb: Fix NULL assignment to incorrect variable in igb_reset_q_vector (bsc#795297).\n- igb: Fix oops caused by missing queue pairing (bsc#909491).\n- igb: Fix oops on changing number of rings (bsc#909491).\n- igb: Remove unnecessary flag setting in igb_set_flag_queue_pairs() (bsc#909491).\n- igb: Unpair the queues when changing the number of queues (bsc#909491).\n- ipv6: replacing a rt6_info needs to purge possible propagated rt6_infos too (bsc#865783).\n- kabi-fix for flock_owner addition (bsc#998689).\n- kexec: add a kexec_crash_loaded() function (bsc#973691).\n- kvm: APIC: avoid instruction emulation for EOI writes (bsc#989680).\n- kvm: Distangle eventfd code from irqchip (bsc#989680).\n- kvm: Iterate over only vcpus that are preempted (bsc#989680).\n- kvm: Record the preemption status of vcpus using preempt notifiers (bsc#989680).\n- kvm: VMX: Pass vcpu to __vmx_complete_interrupts (bsc#989680).\n- kvm: fold kvm_pit_timer into kvm_kpit_state (bsc#989680).\n- kvm: make processes waiting on vcpu mutex killable (bsc#989680).\n- kvm: nVMX: Add preemption timer support (bsc#989680).\n- kvm: remove a wrong hack of delivery PIT intr to vcpu0 (bsc#989680).\n- kvm: use symbolic constant for nr interrupts (bsc#989680).\n- kvm: x86: Remove support for reporting coalesced APIC IRQs (bsc#989680).\n- kvm: x86: Run PIT work in own kthread (bsc#989680).\n- kvm: x86: limit difference between kvmclock updates (bsc#989680).\n- kvm: x86: only channel 0 of the i8254 is linked to the HPET (bsc#960689).\n- lib/vsprintf: implement bitmap printing through \u0027%*pb[l]\u0027 (bnc#1003866).\n- libata: introduce ata_host-\u003en_tags to avoid oops on SAS controllers (bsc#871728).\n- libata: remove n_tags to avoid kABI breakage (bsc#871728).\n- libata: support the ata host which implements a queue depth less than 32 (bsc#871728)\n- libfc: Do not take rdata-\u003erp_mutex when processing a -FC_EX_CLOSED ELS response (bsc#962846).\n- libfc: Fixup disc_mutex handling (bsc#962846).\n- libfc: Issue PRLI after a PRLO has been received (bsc#962846).\n- libfc: Revisit kref handling (bnc#990245).\n- libfc: Update rport reference counting (bsc#953233).\n- libfc: do not send ABTS when resetting exchanges (bsc#962846).\n- libfc: fixup locking of ptp_setup() (bsc#962846).\n- libfc: reset exchange manager during LOGO handling (bsc#962846).\n- libfc: send LOGO for PLOGI failure (bsc#962846).\n- locking/mutex: Explicitly mark task as running after wakeup (bsc#1012411).\n- md/raid10: Fix memory leak when raid10 reshape completes\n- md/raid10: always set reshape_safe when initializing reshape_position\n- md: Drop sending a change uevent when stopping (bsc#1003568).\n- md: check command validity early in md_ioctl() (bsc#1004520).\n- md: fix problem when adding device to read-only array with bitmap (bnc#771065).\n- memstick: mspro_block: add missing curly braces (bsc#1016688).\n- mlx4: add missing braces in verify_qp_parameters (bsc#786036).\n- mm, vmscan: Do not wait for page writeback for GFP_NOFS allocations (bnc#763198).\n- mm/memory.c: actually remap enough memory (bnc#1005903).\n- mm/memory_hotplug.c: check for missing sections in test_pages_in_a_zone() (bnc#961589).\n- mm: fix crashes from mbind() merging vmas (bnc#1005877).\n- mm: fix sleeping function warning from __put_anon_vma (bnc#1005857).\n- dcache: move the call of __d_drop(anon) into __d_materialise_unique(dentry, anon) (bsc#984194).\n- mpi: Fix NULL ptr dereference in mpi_powm() [ver #3] (bsc#1011820).\n- mremap: enforce rmap src/dst vma ordering in case of vma_merge() succeeding in copy_vma() (bsc#1008645).\n- mshyperv: fix recognition of Hyper-V guest crash MSR\u0027s (bnc#986337).\n- net/mlx4: Copy/set only sizeof struct mlx4_eqe bytes (bsc#786036).\n- net/mlx4_core: Allow resetting VF admin mac to zero (bsc#919382).\n- net/mlx4_core: Avoid returning success in case of an error flow (bsc#786036).\n- net/mlx4_core: Do not BUG_ON during reset when PCI is offline (bsc#924708).\n- net/mlx4_core: Do not access comm channel if it has not yet been initialized (bsc#924708 bsc#786036).\n- net/mlx4_core: Fix error message deprecation for ConnectX-2 cards (bug#919382).\n- net/mlx4_core: Fix the resource-type enum in res tracker to conform to FW spec (bsc#786036).\n- net/mlx4_core: Implement pci_resume callback (bsc#924708).\n- net/mlx4_core: Update the HCA core clock frequency after INIT_PORT (bug#919382).\n- net/mlx4_en: Choose time-stamping shift value according to HW frequency (bsc#919382).\n- net/mlx4_en: Fix HW timestamp init issue upon system startup (bsc#919382).\n- net/mlx4_en: Fix potential deadlock in port statistics flow (bsc#786036).\n- net/mlx4_en: Move filters cleanup to a proper location (bsc#786036).\n- net/mlx4_en: Remove dependency between timestamping capability and service_task (bsc#919382).\n- net/mlx4_en: fix spurious timestamping callbacks (bsc#919382).\n- netfilter: ipv4: defrag: set local_df flag on defragmented skb (bsc#907611).\n- netfront: do not truncate grant references.\n- netvsc: fix incorrect receive checksum offloading (bnc#1006917).\n- nfs4: reset states to use open_stateid when returning delegation voluntarily (bsc#1007944).\n- nfs: Fix an LOCK/OPEN race when unlinking an open file (bsc#956514).\n- nfsv4.1: Fix an NFSv4.1 state renewal regression (bnc#863873).\n- nfsv4: Cap the transport reconnection timer at 1/2 lease period (bsc#1014410).\n- nfsv4: Cleanup the setting of the nfs4 lease period (bsc#1014410).\n- nfsv4: Handle timeouts correctly when probing for lease validity (bsc#1014410).\n- nfsv4: add flock_owner to open context (bnc#998689).\n- nfsv4: change nfs4_do_setattr to take an open_context instead of a nfs4_state (bnc#998689).\n- nfsv4: change nfs4_select_rw_stateid to take a lock_context inplace of lock_owner (bnc#998689).\n- nfsv4: enhance nfs4_copy_lock_stateid to use a flock stateid if there is one (bnc#998689).\n- nvme: Automatic namespace rescan (bsc#1017686).\n- nvme: Metadata format support (bsc#1017686).\n- ocfs2: fix BUG_ON() in ocfs2_ci_checkpointed() (bnc#1019783).\n- oom: print nodemask in the oom report (bnc#1003866).\n- pci_ids: Add PCI device ID functions 3 and 4 for newer F15h models\n- pm / hibernate: Fix rtree_next_node() to avoid walking off list ends (bnc#860441).\n- posix-timers: Remove remaining uses of tasklist_lock (bnc#997401).\n- posix-timers: Use sighand lock instead of tasklist_lock for task clock sample (bnc#997401).\n- posix-timers: Use sighand lock instead of tasklist_lock on timer deletion (bnc#997401).\n- powerpc/64: Fix incorrect return value from __copy_tofrom_user (bsc#1005896).\n- powerpc/MSI: Fix race condition in tearing down MSI interrupts (bsc#1010201, [2016-10-04] Pending Base Kernel Fixes).\n- powerpc/mm/hash64: Fix subpage protection with 4K HPTE config (bsc#1010201, [2016-10-04] Pending Base Kernel Fixes).\n- powerpc/mm: Add 64TB support (bsc#928138,fate#319026).\n- powerpc/mm: Change the swap encoding in pte (bsc#973203).\n- powerpc/mm: Convert virtual address to vpn (bsc#928138,fate#319026).\n- powerpc/mm: Fix hash computation function (bsc#928138,fate#319026).\n- powerpc/mm: Increase the slice range to 64TB (bsc#928138,fate#319026).\n- powerpc/mm: Make KERN_VIRT_SIZE not dependend on PGTABLE_RANGE (bsc#928138,fate#319026).\n- powerpc/mm: Make some of the PGTABLE_RANGE dependency explicit (bsc#928138,fate#319026).\n- powerpc/mm: Replace open coded CONTEXT_BITS value (bsc#928138,fate#319026).\n- powerpc/mm: Simplify hpte_decode (bsc#928138,fate#319026).\n- powerpc/mm: Update VSID allocation documentation (bsc#928138,fate#319026).\n- powerpc/mm: Use 32bit array for slb cache (bsc#928138,fate#319026).\n- powerpc/mm: Use hpt_va to compute virtual address (bsc#928138,fate#319026).\n- powerpc/mm: Use the required number of VSID bits in slbmte (bsc#928138,fate#319026).\n- powerpc/numa: Fix multiple bugs in memory_hotplug_max() (bsc#1010201, [2016-10-04] Pending Base Kernel Fixes).\n- powerpc/pseries: Use H_CLEAR_HPT to clear MMU hash table during kexec (bsc#1003813).\n- powerpc: Add ability to build little endian kernels (bsc#967716).\n- powerpc: Avoid load of static chain register when calling nested functions through a pointer on 64bit (bsc#967716).\n- powerpc: Build fix for powerpc KVM (bsc#928138,fate#319026).\n- powerpc: Do not build assembly files with ABIv2 (bsc#967716).\n- powerpc: Do not use ELFv2 ABI to build the kernel (bsc#967716).\n- powerpc: Fix 64 bit builds with binutils 2.24 (bsc#967716).\n- powerpc: Fix error when cross building TAGS \u0026 cscope (bsc#967716).\n- powerpc: Make VSID_BITS* dependency explicit (bsc#928138,fate#319026).\n- powerpc: Make the vdso32 also build big-endian (bsc#967716).\n- powerpc: Move kdump default base address to half RMO size on 64bit (bsc#1003344).\n- powerpc: Remove altivec fix for gcc versions before 4.0 (bsc#967716).\n- powerpc: Remove buggy 9-year-old test for binutils \u003c 2.12.1 (bsc#967716).\n- powerpc: Rename USER_ESID_BITS* to ESID_BITS* (bsc#928138,fate#319026).\n- powerpc: Require gcc 4.0 on 64-bit (bsc#967716).\n- powerpc: Update kernel VSID range (bsc#928138,fate#319026).\n- powerpc: blacklist fixes for unsupported subarchitectures ppc32 only: 6e0fdf9af216 powerpc: fix typo \u0027CONFIG_PMAC\u0027\n obscure hardware: f7e9e3583625 powerpc: Fix missing L2 cache size in /sys/devices/system/cpu\n- powerpc: dtc is required to build dtb files (bsc#967716).\n- powerpc: fix typo \u0027CONFIG_PPC_CPU\u0027 (bsc#1010201, [2016-10-04] Pending Base Kernel Fixes).\n- powerpc: scan_features() updates incorrect bits for REAL_LE (bsc#1010201, [2016-10-04] Pending Base Kernel Fixes).\n- printk/sched: Introduce special printk_sched() for those awkward (bsc#1013042, bsc#996541, bsc#1015878).\n- ptrace: __ptrace_may_access() should not deny sub-threads (bsc#1012851).\n- qlcnic: fix a loop exit condition better (bsc#909350).\n- qlcnic: fix a timeout loop (bsc#909350)\n- qlcnic: use the correct ring in qlcnic_83xx_process_rcv_ring_diag() (bnc#800999).\n- reiserfs: fix race in prealloc discard (bsc#987576).\n- rpm/constraints.in: Bump ppc64 disk requirements to fix OBS builds again\n- rpm/kernel-binary.spec.in: Export a make-stderr.log file (bsc#1012422)\n- rpm/package-descriptions: add -bigmem description\n- rt2x00: fix rfkill regression on rt2500pci (bnc#748806).\n- s390/cio: fix accidental interrupt enabling during resume (bnc#1003677, LTC#147606).\n- s390/time: LPAR offset handling (bnc#1003677, LTC#146920).\n- s390/time: move PTFF definitions (bnc#1003677, LTC#146920).\n- scsi: lpfc: Set elsiocb contexts to NULL after freeing it (bsc#996557).\n- scsi: lpfc: avoid double free of resource identifiers (bsc#989896).\n- scsi: zfcp: spin_lock_irqsave() is not nestable (bsc#1003677,LTC#147374).\n- scsi_error: count medium access timeout only once per EH run (bsc#993832).\n- scsi_error: fixup crash in scsi_eh_reset (bsc#993832)\n- serial: 8250_pci: Detach low-level driver during PCI error recovery (bsc#1013070).\n- sfc: on MC reset, clear PIO buffer linkage in TXQs (bsc#909618).\n- softirq: sirq threads raising another sirq delegate to the proper thread Otherwise, high priority timer threads expend\n cycles precessing other sirqs, potentially increasing wakeup latencies as thes process sirqs at a priority other than\n the priority specified by the user.\n- sunrpc/cache: drop reference when sunrpc_cache_pipe_upcall() detects a race (bnc#803320).\n- sunrpc: Enforce an upper limit on the number of cached credentials (bsc#1012917).\n- sunrpc: Fix reconnection timeouts (bsc#1014410).\n- sunrpc: Fix two issues with drop_caches and the sunrpc auth cache (bsc#1012917).\n- sunrpc: Limit the reconnect backoff timer to the max RPC message timeout (bsc#1014410).\n- tcp: fix inet6_csk_route_req() for link-local addresses (bsc#1010175).\n- tcp: pass fl6 to inet6_csk_route_req() (bsc#1010175).\n- tcp: plug dst leak in tcp_v6_conn_request() (bsc#1010175).\n- tcp: use inet6_csk_route_req() in tcp_v6_send_synack() (bsc#1010175).\n- tg3: Avoid NULL pointer dereference in tg3_io_error_detected() (bsc#908458).\n- tg3: Fix temperature reporting (bnc#790588).\n- tty: Signal SIGHUP before hanging up ldisc (bnc#989764).\n- usb: console: fix potential use after free (bsc#1015817).\n- usb: console: fix uninitialised ldisc semaphore (bsc#1015817).\n- usb: cp210x: Corrected USB request type definitions (bsc#1015932).\n- usb: cp210x: relocate private data from USB interface to port (bsc#1015932).\n- usb: cp210x: work around cp2108 GET_LINE_CTL bug (bsc#1015932).\n- usb: ftdi_sio: fix null deref at port probe (bsc#1015796).\n- usb: hub: Fix auto-remount of safely removed or ejected USB-3 devices (bsc#922634).\n- usb: hub: Fix unbalanced reference count/memory leak/deadlocks (bsc#968010).\n- usb: ipaq.c: fix a timeout loop (bsc#1015848).\n- usb: opticon: fix non-atomic allocation in write path (bsc#1015803).\n- usb: option: fix runtime PM handling (bsc#1015752).\n- usb: serial: cp210x: add 16-bit register access functions (bsc#1015932).\n- usb: serial: cp210x: add 8-bit and 32-bit register access functions (bsc#1015932).\n- usb: serial: cp210x: add new access functions for large registers (bsc#1015932).\n- usb: serial: cp210x: fix hardware flow-control disable (bsc#1015932).\n- usb: serial: fix potential use-after-free after failed probe (bsc#1015828).\n- usb: serial: io_edgeport: fix memory leaks in attach error path (bsc#1016505).\n- usb: serial: io_edgeport: fix memory leaks in probe error path (bsc#1016505).\n- usb: serial: keyspan: fix use-after-free in probe error path (bsc#1016520).\n- usb: sierra: fix AA deadlock in open error path (bsc#1015561).\n- usb: sierra: fix remote wakeup (bsc#1015561).\n- usb: sierra: fix urb and memory leak in resume error path (bsc#1015561).\n- usb: sierra: fix urb and memory leak on disconnect (bsc#1015561).\n- usb: sierra: fix use after free at suspend/resume (bsc#1015561).\n- usb: usb_wwan: fix potential blocked I/O after resume (bsc#1015760).\n- usb: usb_wwan: fix race between write and resume (bsc#1015760).\n- usb: usb_wwan: fix urb leak at shutdown (bsc#1015760).\n- usb: usb_wwan: fix urb leak in write error path (bsc#1015760).\n- usb: usb_wwan: fix write and suspend race (bsc#1015760).\n- usbhid: add ATEN CS962 to list of quirky devices (bsc#1007615).\n- usblp: do not set TASK_INTERRUPTIBLE before lock (bsc#1015844).\n- vmxnet3: Wake queue from reset work (bsc#999907).\n- x86, amd_nb: Clarify F15h, model 30h GART and L3 support\n- x86/MCE/intel: Cleanup CMCI storm logic (bsc#929141).\n- x86/asm/traps: Disable tracing and kprobes in fixup_bad_iret and sync_regs (bsc#909077).\n- x86/cpu/amd: Set X86_FEATURE_EXTD_APICID for future processors\n- x86/gart: Check for GART support before accessing GART registers\n- xenbus: do not invoke -\u003eis_ready() for most device states (bsc#987333).\n- zcrypt: Fix hang condition on crypto card config-off (bsc#1016320).\n- zcrypt: Fix invalid domain response handling (bsc#1016320).\n- zfcp: Fix erratic device offline during EH (bsc#993832).\n- zfcp: close window with unblocked rport during rport gone (bnc#1003677).\n- zfcp: fix D_ID field with actual value on tracing SAN responses (bnc#1003677).\n- zfcp: fix ELS/GS request\u0026response length for hardware data router (bnc#1003677).\n- zfcp: fix payload trace length for SAN request\u0026response (bnc#1003677).\n- zfcp: restore tracing of handle for port and LUN with HBA records (bnc#1003677).\n- zfcp: restore: Dont use 0 to indicate invalid LUN in rec trace (bnc#1003677).\n- zfcp: retain trace level for SCSI and HBA FSF response records (bnc#1003677).\n- zfcp: trace full payload of all SAN records (req,resp,iels) (bnc#1003677).\n- zfcp: trace on request for open and close of WKA port (bnc#1003677).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "slertesp4-kernel-13074",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_1102-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:1102-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20171102-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:1102-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-April/002828.html"
},
{
"category": "self",
"summary": "SUSE Bug 1003077",
"url": "https://bugzilla.suse.com/1003077"
},
{
"category": "self",
"summary": "SUSE Bug 1003344",
"url": "https://bugzilla.suse.com/1003344"
},
{
"category": "self",
"summary": "SUSE Bug 1003568",
"url": "https://bugzilla.suse.com/1003568"
},
{
"category": "self",
"summary": "SUSE Bug 1003677",
"url": "https://bugzilla.suse.com/1003677"
},
{
"category": "self",
"summary": "SUSE Bug 1003813",
"url": "https://bugzilla.suse.com/1003813"
},
{
"category": "self",
"summary": "SUSE Bug 1003866",
"url": "https://bugzilla.suse.com/1003866"
},
{
"category": "self",
"summary": "SUSE Bug 1003925",
"url": "https://bugzilla.suse.com/1003925"
},
{
"category": "self",
"summary": "SUSE Bug 1004517",
"url": "https://bugzilla.suse.com/1004517"
},
{
"category": "self",
"summary": "SUSE Bug 1004520",
"url": "https://bugzilla.suse.com/1004520"
},
{
"category": "self",
"summary": "SUSE Bug 1005857",
"url": "https://bugzilla.suse.com/1005857"
},
{
"category": "self",
"summary": "SUSE Bug 1005877",
"url": "https://bugzilla.suse.com/1005877"
},
{
"category": "self",
"summary": "SUSE Bug 1005896",
"url": "https://bugzilla.suse.com/1005896"
},
{
"category": "self",
"summary": "SUSE Bug 1005903",
"url": "https://bugzilla.suse.com/1005903"
},
{
"category": "self",
"summary": "SUSE Bug 1006917",
"url": "https://bugzilla.suse.com/1006917"
},
{
"category": "self",
"summary": "SUSE Bug 1006919",
"url": "https://bugzilla.suse.com/1006919"
},
{
"category": "self",
"summary": "SUSE Bug 1007615",
"url": "https://bugzilla.suse.com/1007615"
},
{
"category": "self",
"summary": "SUSE Bug 1007944",
"url": "https://bugzilla.suse.com/1007944"
},
{
"category": "self",
"summary": "SUSE Bug 1008557",
"url": "https://bugzilla.suse.com/1008557"
},
{
"category": "self",
"summary": "SUSE Bug 1008645",
"url": "https://bugzilla.suse.com/1008645"
},
{
"category": "self",
"summary": "SUSE Bug 1008831",
"url": "https://bugzilla.suse.com/1008831"
},
{
"category": "self",
"summary": "SUSE Bug 1008833",
"url": "https://bugzilla.suse.com/1008833"
},
{
"category": "self",
"summary": "SUSE Bug 1008893",
"url": "https://bugzilla.suse.com/1008893"
},
{
"category": "self",
"summary": "SUSE Bug 1009875",
"url": "https://bugzilla.suse.com/1009875"
},
{
"category": "self",
"summary": "SUSE Bug 1010150",
"url": "https://bugzilla.suse.com/1010150"
},
{
"category": "self",
"summary": "SUSE Bug 1010175",
"url": "https://bugzilla.suse.com/1010175"
},
{
"category": "self",
"summary": "SUSE Bug 1010201",
"url": "https://bugzilla.suse.com/1010201"
},
{
"category": "self",
"summary": "SUSE Bug 1010467",
"url": "https://bugzilla.suse.com/1010467"
},
{
"category": "self",
"summary": "SUSE Bug 1010501",
"url": "https://bugzilla.suse.com/1010501"
},
{
"category": "self",
"summary": "SUSE Bug 1010507",
"url": "https://bugzilla.suse.com/1010507"
},
{
"category": "self",
"summary": "SUSE Bug 1010711",
"url": "https://bugzilla.suse.com/1010711"
},
{
"category": "self",
"summary": "SUSE Bug 1010716",
"url": "https://bugzilla.suse.com/1010716"
},
{
"category": "self",
"summary": "SUSE Bug 1011685",
"url": "https://bugzilla.suse.com/1011685"
},
{
"category": "self",
"summary": "SUSE Bug 1011820",
"url": "https://bugzilla.suse.com/1011820"
},
{
"category": "self",
"summary": "SUSE Bug 1012411",
"url": "https://bugzilla.suse.com/1012411"
},
{
"category": "self",
"summary": "SUSE Bug 1012422",
"url": "https://bugzilla.suse.com/1012422"
},
{
"category": "self",
"summary": "SUSE Bug 1012832",
"url": "https://bugzilla.suse.com/1012832"
},
{
"category": "self",
"summary": "SUSE Bug 1012851",
"url": "https://bugzilla.suse.com/1012851"
},
{
"category": "self",
"summary": "SUSE Bug 1012917",
"url": "https://bugzilla.suse.com/1012917"
},
{
"category": "self",
"summary": "SUSE Bug 1013018",
"url": "https://bugzilla.suse.com/1013018"
},
{
"category": "self",
"summary": "SUSE Bug 1013038",
"url": "https://bugzilla.suse.com/1013038"
},
{
"category": "self",
"summary": "SUSE Bug 1013042",
"url": "https://bugzilla.suse.com/1013042"
},
{
"category": "self",
"summary": "SUSE Bug 1013070",
"url": "https://bugzilla.suse.com/1013070"
},
{
"category": "self",
"summary": "SUSE Bug 1013531",
"url": "https://bugzilla.suse.com/1013531"
},
{
"category": "self",
"summary": "SUSE Bug 1013533",
"url": "https://bugzilla.suse.com/1013533"
},
{
"category": "self",
"summary": "SUSE Bug 1013542",
"url": "https://bugzilla.suse.com/1013542"
},
{
"category": "self",
"summary": "SUSE Bug 1013604",
"url": "https://bugzilla.suse.com/1013604"
},
{
"category": "self",
"summary": "SUSE Bug 1014410",
"url": "https://bugzilla.suse.com/1014410"
},
{
"category": "self",
"summary": "SUSE Bug 1014454",
"url": "https://bugzilla.suse.com/1014454"
},
{
"category": "self",
"summary": "SUSE Bug 1014746",
"url": "https://bugzilla.suse.com/1014746"
},
{
"category": "self",
"summary": "SUSE Bug 1015561",
"url": "https://bugzilla.suse.com/1015561"
},
{
"category": "self",
"summary": "SUSE Bug 1015752",
"url": "https://bugzilla.suse.com/1015752"
},
{
"category": "self",
"summary": "SUSE Bug 1015760",
"url": "https://bugzilla.suse.com/1015760"
},
{
"category": "self",
"summary": "SUSE Bug 1015796",
"url": "https://bugzilla.suse.com/1015796"
},
{
"category": "self",
"summary": "SUSE Bug 1015803",
"url": "https://bugzilla.suse.com/1015803"
},
{
"category": "self",
"summary": "SUSE Bug 1015817",
"url": "https://bugzilla.suse.com/1015817"
},
{
"category": "self",
"summary": "SUSE Bug 1015828",
"url": "https://bugzilla.suse.com/1015828"
},
{
"category": "self",
"summary": "SUSE Bug 1015844",
"url": "https://bugzilla.suse.com/1015844"
},
{
"category": "self",
"summary": "SUSE Bug 1015848",
"url": "https://bugzilla.suse.com/1015848"
},
{
"category": "self",
"summary": "SUSE Bug 1015878",
"url": "https://bugzilla.suse.com/1015878"
},
{
"category": "self",
"summary": "SUSE Bug 1015932",
"url": "https://bugzilla.suse.com/1015932"
},
{
"category": "self",
"summary": "SUSE Bug 1016320",
"url": "https://bugzilla.suse.com/1016320"
},
{
"category": "self",
"summary": "SUSE Bug 1016505",
"url": "https://bugzilla.suse.com/1016505"
},
{
"category": "self",
"summary": "SUSE Bug 1016520",
"url": "https://bugzilla.suse.com/1016520"
},
{
"category": "self",
"summary": "SUSE Bug 1016668",
"url": "https://bugzilla.suse.com/1016668"
},
{
"category": "self",
"summary": "SUSE Bug 1016688",
"url": "https://bugzilla.suse.com/1016688"
},
{
"category": "self",
"summary": "SUSE Bug 1016824",
"url": "https://bugzilla.suse.com/1016824"
},
{
"category": "self",
"summary": "SUSE Bug 1016831",
"url": "https://bugzilla.suse.com/1016831"
},
{
"category": "self",
"summary": "SUSE Bug 1017686",
"url": "https://bugzilla.suse.com/1017686"
},
{
"category": "self",
"summary": "SUSE Bug 1017710",
"url": "https://bugzilla.suse.com/1017710"
},
{
"category": "self",
"summary": "SUSE Bug 1019148",
"url": "https://bugzilla.suse.com/1019148"
},
{
"category": "self",
"summary": "SUSE Bug 1019165",
"url": "https://bugzilla.suse.com/1019165"
},
{
"category": "self",
"summary": "SUSE Bug 1019348",
"url": "https://bugzilla.suse.com/1019348"
},
{
"category": "self",
"summary": "SUSE Bug 1019783",
"url": "https://bugzilla.suse.com/1019783"
},
{
"category": "self",
"summary": "SUSE Bug 1020214",
"url": "https://bugzilla.suse.com/1020214"
},
{
"category": "self",
"summary": "SUSE Bug 1021258",
"url": "https://bugzilla.suse.com/1021258"
},
{
"category": "self",
"summary": "SUSE Bug 748806",
"url": "https://bugzilla.suse.com/748806"
},
{
"category": "self",
"summary": "SUSE Bug 763198",
"url": "https://bugzilla.suse.com/763198"
},
{
"category": "self",
"summary": "SUSE Bug 771065",
"url": "https://bugzilla.suse.com/771065"
},
{
"category": "self",
"summary": "SUSE Bug 786036",
"url": "https://bugzilla.suse.com/786036"
},
{
"category": "self",
"summary": "SUSE Bug 790588",
"url": "https://bugzilla.suse.com/790588"
},
{
"category": "self",
"summary": "SUSE Bug 795297",
"url": "https://bugzilla.suse.com/795297"
},
{
"category": "self",
"summary": "SUSE Bug 799133",
"url": "https://bugzilla.suse.com/799133"
},
{
"category": "self",
"summary": "SUSE Bug 800999",
"url": "https://bugzilla.suse.com/800999"
},
{
"category": "self",
"summary": "SUSE Bug 803320",
"url": "https://bugzilla.suse.com/803320"
},
{
"category": "self",
"summary": "SUSE Bug 821612",
"url": "https://bugzilla.suse.com/821612"
},
{
"category": "self",
"summary": "SUSE Bug 824171",
"url": "https://bugzilla.suse.com/824171"
},
{
"category": "self",
"summary": "SUSE Bug 851603",
"url": "https://bugzilla.suse.com/851603"
},
{
"category": "self",
"summary": "SUSE Bug 853052",
"url": "https://bugzilla.suse.com/853052"
},
{
"category": "self",
"summary": "SUSE Bug 860441",
"url": "https://bugzilla.suse.com/860441"
},
{
"category": "self",
"summary": "SUSE Bug 863873",
"url": "https://bugzilla.suse.com/863873"
},
{
"category": "self",
"summary": "SUSE Bug 865783",
"url": "https://bugzilla.suse.com/865783"
},
{
"category": "self",
"summary": "SUSE Bug 871728",
"url": "https://bugzilla.suse.com/871728"
},
{
"category": "self",
"summary": "SUSE Bug 901809",
"url": "https://bugzilla.suse.com/901809"
},
{
"category": "self",
"summary": "SUSE Bug 907611",
"url": "https://bugzilla.suse.com/907611"
},
{
"category": "self",
"summary": "SUSE Bug 908458",
"url": "https://bugzilla.suse.com/908458"
},
{
"category": "self",
"summary": "SUSE Bug 908684",
"url": "https://bugzilla.suse.com/908684"
},
{
"category": "self",
"summary": "SUSE Bug 909077",
"url": "https://bugzilla.suse.com/909077"
},
{
"category": "self",
"summary": "SUSE Bug 909350",
"url": "https://bugzilla.suse.com/909350"
},
{
"category": "self",
"summary": "SUSE Bug 909484",
"url": "https://bugzilla.suse.com/909484"
},
{
"category": "self",
"summary": "SUSE Bug 909491",
"url": "https://bugzilla.suse.com/909491"
},
{
"category": "self",
"summary": "SUSE Bug 909618",
"url": "https://bugzilla.suse.com/909618"
},
{
"category": "self",
"summary": "SUSE Bug 913387",
"url": "https://bugzilla.suse.com/913387"
},
{
"category": "self",
"summary": "SUSE Bug 914939",
"url": "https://bugzilla.suse.com/914939"
},
{
"category": "self",
"summary": "SUSE Bug 919382",
"url": "https://bugzilla.suse.com/919382"
},
{
"category": "self",
"summary": "SUSE Bug 922634",
"url": "https://bugzilla.suse.com/922634"
},
{
"category": "self",
"summary": "SUSE Bug 924708",
"url": "https://bugzilla.suse.com/924708"
},
{
"category": "self",
"summary": "SUSE Bug 925065",
"url": "https://bugzilla.suse.com/925065"
},
{
"category": "self",
"summary": "SUSE Bug 928138",
"url": "https://bugzilla.suse.com/928138"
},
{
"category": "self",
"summary": "SUSE Bug 929141",
"url": "https://bugzilla.suse.com/929141"
},
{
"category": "self",
"summary": "SUSE Bug 953233",
"url": "https://bugzilla.suse.com/953233"
},
{
"category": "self",
"summary": "SUSE Bug 956514",
"url": "https://bugzilla.suse.com/956514"
},
{
"category": "self",
"summary": "SUSE Bug 960689",
"url": "https://bugzilla.suse.com/960689"
},
{
"category": "self",
"summary": "SUSE Bug 961589",
"url": "https://bugzilla.suse.com/961589"
},
{
"category": "self",
"summary": "SUSE Bug 962846",
"url": "https://bugzilla.suse.com/962846"
},
{
"category": "self",
"summary": "SUSE Bug 963655",
"url": "https://bugzilla.suse.com/963655"
},
{
"category": "self",
"summary": "SUSE Bug 967716",
"url": "https://bugzilla.suse.com/967716"
},
{
"category": "self",
"summary": "SUSE Bug 968010",
"url": "https://bugzilla.suse.com/968010"
},
{
"category": "self",
"summary": "SUSE Bug 969340",
"url": "https://bugzilla.suse.com/969340"
},
{
"category": "self",
"summary": "SUSE Bug 973203",
"url": "https://bugzilla.suse.com/973203"
},
{
"category": "self",
"summary": "SUSE Bug 973691",
"url": "https://bugzilla.suse.com/973691"
},
{
"category": "self",
"summary": "SUSE Bug 979681",
"url": "https://bugzilla.suse.com/979681"
},
{
"category": "self",
"summary": "SUSE Bug 984194",
"url": "https://bugzilla.suse.com/984194"
},
{
"category": "self",
"summary": "SUSE Bug 986337",
"url": "https://bugzilla.suse.com/986337"
},
{
"category": "self",
"summary": "SUSE Bug 987333",
"url": "https://bugzilla.suse.com/987333"
},
{
"category": "self",
"summary": "SUSE Bug 987576",
"url": "https://bugzilla.suse.com/987576"
},
{
"category": "self",
"summary": "SUSE Bug 989152",
"url": "https://bugzilla.suse.com/989152"
},
{
"category": "self",
"summary": "SUSE Bug 989680",
"url": "https://bugzilla.suse.com/989680"
},
{
"category": "self",
"summary": "SUSE Bug 989764",
"url": "https://bugzilla.suse.com/989764"
},
{
"category": "self",
"summary": "SUSE Bug 989896",
"url": "https://bugzilla.suse.com/989896"
},
{
"category": "self",
"summary": "SUSE Bug 990245",
"url": "https://bugzilla.suse.com/990245"
},
{
"category": "self",
"summary": "SUSE Bug 992566",
"url": "https://bugzilla.suse.com/992566"
},
{
"category": "self",
"summary": "SUSE Bug 992991",
"url": "https://bugzilla.suse.com/992991"
},
{
"category": "self",
"summary": "SUSE Bug 993739",
"url": "https://bugzilla.suse.com/993739"
},
{
"category": "self",
"summary": "SUSE Bug 993832",
"url": "https://bugzilla.suse.com/993832"
},
{
"category": "self",
"summary": "SUSE Bug 995968",
"url": "https://bugzilla.suse.com/995968"
},
{
"category": "self",
"summary": "SUSE Bug 996541",
"url": "https://bugzilla.suse.com/996541"
},
{
"category": "self",
"summary": "SUSE Bug 996557",
"url": "https://bugzilla.suse.com/996557"
},
{
"category": "self",
"summary": "SUSE Bug 997401",
"url": "https://bugzilla.suse.com/997401"
},
{
"category": "self",
"summary": "SUSE Bug 998689",
"url": "https://bugzilla.suse.com/998689"
},
{
"category": "self",
"summary": "SUSE Bug 999101",
"url": "https://bugzilla.suse.com/999101"
},
{
"category": "self",
"summary": "SUSE Bug 999907",
"url": "https://bugzilla.suse.com/999907"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2004-0230 page",
"url": "https://www.suse.com/security/cve/CVE-2004-0230/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-6704 page",
"url": "https://www.suse.com/security/cve/CVE-2012-6704/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2013-6368 page",
"url": "https://www.suse.com/security/cve/CVE-2013-6368/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-1350 page",
"url": "https://www.suse.com/security/cve/CVE-2015-1350/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8956 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8956/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8962 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8962/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-8964 page",
"url": "https://www.suse.com/security/cve/CVE-2015-8964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10088 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10088/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3841 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5696 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5696/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7042 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7042/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7097 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7097/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7117 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7117/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7910 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7910/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7911 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7911/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7916 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7916/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8399 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8399/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8632 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8632/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8633 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8633/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-8646 page",
"url": "https://www.suse.com/security/cve/CVE-2016-8646/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9555 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9576 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9576/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9685 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9685/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9756 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9756/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9793 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9793/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9794 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9794/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5551 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5551/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2017-04-25T14:34:26Z",
"generator": {
"date": "2017-04-25T14:34:26Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:1102-1",
"initial_release_date": "2017-04-25T14:34:26Z",
"revision_history": [
{
"date": "2017-04-25T14:34:26Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-3.0.101.rt130-68.1.x86_64",
"product": {
"name": "kernel-rt-3.0.101.rt130-68.1.x86_64",
"product_id": "kernel-rt-3.0.101.rt130-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"product": {
"name": "kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"product_id": "kernel-rt-base-3.0.101.rt130-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"product": {
"name": "kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"product_id": "kernel-rt-devel-3.0.101.rt130-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"product": {
"name": "kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"product_id": "kernel-rt_trace-3.0.101.rt130-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"product": {
"name": "kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"product_id": "kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"product": {
"name": "kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"product_id": "kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"product": {
"name": "kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"product_id": "kernel-source-rt-3.0.101.rt130-68.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-3.0.101.rt130-68.1.x86_64",
"product": {
"name": "kernel-syms-rt-3.0.101.rt130-68.1.x86_64",
"product_id": "kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Real Time 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/a:suse:suse-linux-enterprise-rt:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-3.0.101.rt130-68.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64"
},
"product_reference": "kernel-rt-3.0.101.rt130-68.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-base-3.0.101.rt130-68.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64"
},
"product_reference": "kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-3.0.101.rt130-68.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64"
},
"product_reference": "kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_trace-3.0.101.rt130-68.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64"
},
"product_reference": "kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64"
},
"product_reference": "kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64"
},
"product_reference": "kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-3.0.101.rt130-68.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64"
},
"product_reference": "kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-3.0.101.rt130-68.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
},
"product_reference": "kernel-syms-rt-3.0.101.rt130-68.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2004-0230",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2004-0230"
}
],
"notes": [
{
"category": "general",
"text": "TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2004-0230",
"url": "https://www.suse.com/security/cve/CVE-2004-0230"
},
{
"category": "external",
"summary": "SUSE Bug 1184394 for CVE-2004-0230",
"url": "https://bugzilla.suse.com/1184394"
},
{
"category": "external",
"summary": "SUSE Bug 1198501 for CVE-2004-0230",
"url": "https://bugzilla.suse.com/1198501"
},
{
"category": "external",
"summary": "SUSE Bug 1206598 for CVE-2004-0230",
"url": "https://bugzilla.suse.com/1206598"
},
{
"category": "external",
"summary": "SUSE Bug 969340 for CVE-2004-0230",
"url": "https://bugzilla.suse.com/969340"
},
{
"category": "external",
"summary": "SUSE Bug 989152 for CVE-2004-0230",
"url": "https://bugzilla.suse.com/989152"
},
{
"category": "external",
"summary": "SUSE Bug 992991 for CVE-2004-0230",
"url": "https://bugzilla.suse.com/992991"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "low"
}
],
"title": "CVE-2004-0230"
},
{
"cve": "CVE-2012-6704",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-6704"
}
],
"notes": [
{
"category": "general",
"text": "The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUF or (2) SO_RCVBUF option.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-6704",
"url": "https://www.suse.com/security/cve/CVE-2012-6704"
},
{
"category": "external",
"summary": "SUSE Bug 1013531 for CVE-2012-6704",
"url": "https://bugzilla.suse.com/1013531"
},
{
"category": "external",
"summary": "SUSE Bug 1013542 for CVE-2012-6704",
"url": "https://bugzilla.suse.com/1013542"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2012-6704",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2012-6704"
},
{
"cve": "CVE-2013-6368",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2013-6368"
}
],
"notes": [
{
"category": "general",
"text": "The KVM subsystem in the Linux kernel through 3.12.5 allows local users to gain privileges or cause a denial of service (system crash) via a VAPIC synchronization operation involving a page-end address.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2013-6368",
"url": "https://www.suse.com/security/cve/CVE-2013-6368"
},
{
"category": "external",
"summary": "SUSE Bug 853052 for CVE-2013-6368",
"url": "https://bugzilla.suse.com/853052"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2013-6368"
},
{
"cve": "CVE-2015-1350",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-1350"
}
],
"notes": [
{
"category": "general",
"text": "The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-1350",
"url": "https://www.suse.com/security/cve/CVE-2015-1350"
},
{
"category": "external",
"summary": "SUSE Bug 1052256 for CVE-2015-1350",
"url": "https://bugzilla.suse.com/1052256"
},
{
"category": "external",
"summary": "SUSE Bug 914939 for CVE-2015-1350",
"url": "https://bugzilla.suse.com/914939"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2015-1350"
},
{
"cve": "CVE-2015-8956",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8956"
}
],
"notes": [
{
"category": "general",
"text": "The rfcomm_sock_bind function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 4.2 allows local users to obtain sensitive information or cause a denial of service (NULL pointer dereference) via vectors involving a bind system call on a Bluetooth RFCOMM socket.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8956",
"url": "https://www.suse.com/security/cve/CVE-2015-8956"
},
{
"category": "external",
"summary": "SUSE Bug 1003925 for CVE-2015-8956",
"url": "https://bugzilla.suse.com/1003925"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2015-8956"
},
{
"cve": "CVE-2015-8962",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8962"
}
],
"notes": [
{
"category": "general",
"text": "Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel before 4.4 allows local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8962",
"url": "https://www.suse.com/security/cve/CVE-2015-8962"
},
{
"category": "external",
"summary": "SUSE Bug 1010501 for CVE-2015-8962",
"url": "https://bugzilla.suse.com/1010501"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2015-8962",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "important"
}
],
"title": "CVE-2015-8962"
},
{
"cve": "CVE-2015-8964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-8964"
}
],
"notes": [
{
"category": "general",
"text": "The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive information from kernel memory by reading a tty data structure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-8964",
"url": "https://www.suse.com/security/cve/CVE-2015-8964"
},
{
"category": "external",
"summary": "SUSE Bug 1010507 for CVE-2015-8964",
"url": "https://bugzilla.suse.com/1010507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "low"
}
],
"title": "CVE-2015-8964"
},
{
"cve": "CVE-2016-10088",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10088"
}
],
"notes": [
{
"category": "general",
"text": "The sg implementation in the Linux kernel through 4.9 does not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device, related to block/bsg.c and drivers/scsi/sg.c. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-9576.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10088",
"url": "https://www.suse.com/security/cve/CVE-2016-10088"
},
{
"category": "external",
"summary": "SUSE Bug 1013604 for CVE-2016-10088",
"url": "https://bugzilla.suse.com/1013604"
},
{
"category": "external",
"summary": "SUSE Bug 1014271 for CVE-2016-10088",
"url": "https://bugzilla.suse.com/1014271"
},
{
"category": "external",
"summary": "SUSE Bug 1017710 for CVE-2016-10088",
"url": "https://bugzilla.suse.com/1017710"
},
{
"category": "external",
"summary": "SUSE Bug 1019079 for CVE-2016-10088",
"url": "https://bugzilla.suse.com/1019079"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-10088",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "important"
}
],
"title": "CVE-2016-10088"
},
{
"cve": "CVE-2016-3841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3841"
}
],
"notes": [
{
"category": "general",
"text": "The IPv6 stack in the Linux kernel before 4.3.3 mishandles options data, which allows local users to gain privileges or cause a denial of service (use-after-free and system crash) via a crafted sendmsg system call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3841",
"url": "https://www.suse.com/security/cve/CVE-2016-3841"
},
{
"category": "external",
"summary": "SUSE Bug 1052256 for CVE-2016-3841",
"url": "https://bugzilla.suse.com/1052256"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-3841",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 992566 for CVE-2016-3841",
"url": "https://bugzilla.suse.com/992566"
},
{
"category": "external",
"summary": "SUSE Bug 992569 for CVE-2016-3841",
"url": "https://bugzilla.suse.com/992569"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-3841"
},
{
"cve": "CVE-2016-5696",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5696"
}
],
"notes": [
{
"category": "general",
"text": "net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments, which makes it easier for remote attackers to hijack TCP sessions via a blind in-window attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5696",
"url": "https://www.suse.com/security/cve/CVE-2016-5696"
},
{
"category": "external",
"summary": "SUSE Bug 1020452 for CVE-2016-5696",
"url": "https://bugzilla.suse.com/1020452"
},
{
"category": "external",
"summary": "SUSE Bug 1175721 for CVE-2016-5696",
"url": "https://bugzilla.suse.com/1175721"
},
{
"category": "external",
"summary": "SUSE Bug 989152 for CVE-2016-5696",
"url": "https://bugzilla.suse.com/989152"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-5696"
},
{
"cve": "CVE-2016-7042",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7042"
}
],
"notes": [
{
"category": "general",
"text": "The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7042",
"url": "https://www.suse.com/security/cve/CVE-2016-7042"
},
{
"category": "external",
"summary": "SUSE Bug 1004517 for CVE-2016-7042",
"url": "https://bugzilla.suse.com/1004517"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-7042"
},
{
"cve": "CVE-2016-7097",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7097"
}
],
"notes": [
{
"category": "general",
"text": "The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7097",
"url": "https://www.suse.com/security/cve/CVE-2016-7097"
},
{
"category": "external",
"summary": "SUSE Bug 1021258 for CVE-2016-7097",
"url": "https://bugzilla.suse.com/1021258"
},
{
"category": "external",
"summary": "SUSE Bug 1052256 for CVE-2016-7097",
"url": "https://bugzilla.suse.com/1052256"
},
{
"category": "external",
"summary": "SUSE Bug 870618 for CVE-2016-7097",
"url": "https://bugzilla.suse.com/870618"
},
{
"category": "external",
"summary": "SUSE Bug 995968 for CVE-2016-7097",
"url": "https://bugzilla.suse.com/995968"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "low"
}
],
"title": "CVE-2016-7097"
},
{
"cve": "CVE-2016-7117",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7117"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7117",
"url": "https://www.suse.com/security/cve/CVE-2016-7117"
},
{
"category": "external",
"summary": "SUSE Bug 1003077 for CVE-2016-7117",
"url": "https://bugzilla.suse.com/1003077"
},
{
"category": "external",
"summary": "SUSE Bug 1003253 for CVE-2016-7117",
"url": "https://bugzilla.suse.com/1003253"
},
{
"category": "external",
"summary": "SUSE Bug 1057478 for CVE-2016-7117",
"url": "https://bugzilla.suse.com/1057478"
},
{
"category": "external",
"summary": "SUSE Bug 1071943 for CVE-2016-7117",
"url": "https://bugzilla.suse.com/1071943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-7117"
},
{
"cve": "CVE-2016-7910",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7910"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel before 4.7.1 allows local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7910",
"url": "https://www.suse.com/security/cve/CVE-2016-7910"
},
{
"category": "external",
"summary": "SUSE Bug 1010716 for CVE-2016-7910",
"url": "https://bugzilla.suse.com/1010716"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-7910",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 1196722 for CVE-2016-7910",
"url": "https://bugzilla.suse.com/1196722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "important"
}
],
"title": "CVE-2016-7910"
},
{
"cve": "CVE-2016-7911",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7911"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel before 4.6.6 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7911",
"url": "https://www.suse.com/security/cve/CVE-2016-7911"
},
{
"category": "external",
"summary": "SUSE Bug 1010711 for CVE-2016-7911",
"url": "https://bugzilla.suse.com/1010711"
},
{
"category": "external",
"summary": "SUSE Bug 1010713 for CVE-2016-7911",
"url": "https://bugzilla.suse.com/1010713"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-7911",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-7911"
},
{
"cve": "CVE-2016-7916",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7916"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the environ_read function in fs/proc/base.c in the Linux kernel before 4.5.4 allows local users to obtain sensitive information from kernel memory by reading a /proc/*/environ file during a process-setup time interval in which environment-variable copying is incomplete.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7916",
"url": "https://www.suse.com/security/cve/CVE-2016-7916"
},
{
"category": "external",
"summary": "SUSE Bug 1010467 for CVE-2016-7916",
"url": "https://bugzilla.suse.com/1010467"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-7916"
},
{
"cve": "CVE-2016-8399",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8399"
}
],
"notes": [
{
"category": "general",
"text": "An elevation of privilege vulnerability in the kernel networking subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and current compiler optimizations restrict access to the vulnerable code. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31349935.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8399",
"url": "https://www.suse.com/security/cve/CVE-2016-8399"
},
{
"category": "external",
"summary": "SUSE Bug 1014746 for CVE-2016-8399",
"url": "https://bugzilla.suse.com/1014746"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-8399",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-8399"
},
{
"cve": "CVE-2016-8632",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8632"
}
],
"notes": [
{
"category": "general",
"text": "The tipc_msg_build function in net/tipc/msg.c in the Linux kernel through 4.8.11 does not validate the relationship between the minimum fragment length and the maximum packet size, which allows local users to gain privileges or cause a denial of service (heap-based buffer overflow) by leveraging the CAP_NET_ADMIN capability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8632",
"url": "https://www.suse.com/security/cve/CVE-2016-8632"
},
{
"category": "external",
"summary": "SUSE Bug 1008831 for CVE-2016-8632",
"url": "https://bugzilla.suse.com/1008831"
},
{
"category": "external",
"summary": "SUSE Bug 1012852 for CVE-2016-8632",
"url": "https://bugzilla.suse.com/1012852"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-8632",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-8632"
},
{
"cve": "CVE-2016-8633",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8633"
}
],
"notes": [
{
"category": "general",
"text": "drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations, allows remote attackers to execute arbitrary code via crafted fragmented packets.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8633",
"url": "https://www.suse.com/security/cve/CVE-2016-8633"
},
{
"category": "external",
"summary": "SUSE Bug 1008833 for CVE-2016-8633",
"url": "https://bugzilla.suse.com/1008833"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-8633"
},
{
"cve": "CVE-2016-8646",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-8646"
}
],
"notes": [
{
"category": "general",
"text": "The hash_accept function in crypto/algif_hash.c in the Linux kernel before 4.3.6 allows local users to cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-8646",
"url": "https://www.suse.com/security/cve/CVE-2016-8646"
},
{
"category": "external",
"summary": "SUSE Bug 1010150 for CVE-2016-8646",
"url": "https://bugzilla.suse.com/1010150"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-8646"
},
{
"cve": "CVE-2016-9555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9555"
}
],
"notes": [
{
"category": "general",
"text": "The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel before 4.8.8 lacks chunk-length checking for the first chunk, which allows remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9555",
"url": "https://www.suse.com/security/cve/CVE-2016-9555"
},
{
"category": "external",
"summary": "SUSE Bug 1011685 for CVE-2016-9555",
"url": "https://bugzilla.suse.com/1011685"
},
{
"category": "external",
"summary": "SUSE Bug 1012183 for CVE-2016-9555",
"url": "https://bugzilla.suse.com/1012183"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-9555",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-9555"
},
{
"cve": "CVE-2016-9576",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9576"
}
],
"notes": [
{
"category": "general",
"text": "The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 4.8.14 does not properly restrict the type of iterator, which allows local users to read or write to arbitrary kernel memory locations or cause a denial of service (use-after-free) by leveraging access to a /dev/sg device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9576",
"url": "https://www.suse.com/security/cve/CVE-2016-9576"
},
{
"category": "external",
"summary": "SUSE Bug 1013604 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1013604"
},
{
"category": "external",
"summary": "SUSE Bug 1014271 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1014271"
},
{
"category": "external",
"summary": "SUSE Bug 1017710 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1017710"
},
{
"category": "external",
"summary": "SUSE Bug 1019079 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1019079"
},
{
"category": "external",
"summary": "SUSE Bug 1019668 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1019668"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-9576",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "important"
}
],
"title": "CVE-2016-9576"
},
{
"cve": "CVE-2016-9685",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9685"
}
],
"notes": [
{
"category": "general",
"text": "Multiple memory leaks in error paths in fs/xfs/xfs_attr_list.c in the Linux kernel before 4.5.1 allow local users to cause a denial of service (memory consumption) via crafted XFS filesystem operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9685",
"url": "https://www.suse.com/security/cve/CVE-2016-9685"
},
{
"category": "external",
"summary": "SUSE Bug 1012832 for CVE-2016-9685",
"url": "https://bugzilla.suse.com/1012832"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "low"
}
],
"title": "CVE-2016-9685"
},
{
"cve": "CVE-2016-9756",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9756"
}
],
"notes": [
{
"category": "general",
"text": "arch/x86/kvm/emulate.c in the Linux kernel before 4.8.12 does not properly initialize Code Segment (CS) in certain error cases, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9756",
"url": "https://www.suse.com/security/cve/CVE-2016-9756"
},
{
"category": "external",
"summary": "SUSE Bug 1013038 for CVE-2016-9756",
"url": "https://bugzilla.suse.com/1013038"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-9756"
},
{
"cve": "CVE-2016-9793",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9793"
}
],
"notes": [
{
"category": "general",
"text": "The sock_setsockopt function in net/core/sock.c in the Linux kernel before 4.8.14 mishandles negative values of sk_sndbuf and sk_rcvbuf, which allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability for a crafted setsockopt system call with the (1) SO_SNDBUFFORCE or (2) SO_RCVBUFFORCE option.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9793",
"url": "https://www.suse.com/security/cve/CVE-2016-9793"
},
{
"category": "external",
"summary": "SUSE Bug 1013531 for CVE-2016-9793",
"url": "https://bugzilla.suse.com/1013531"
},
{
"category": "external",
"summary": "SUSE Bug 1013542 for CVE-2016-9793",
"url": "https://bugzilla.suse.com/1013542"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2016-9793",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2016-9793"
},
{
"cve": "CVE-2016-9794",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9794"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the snd_pcm_period_elapsed function in sound/core/pcm_lib.c in the ALSA subsystem in the Linux kernel before 4.7 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted SNDRV_PCM_TRIGGER_START command.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9794",
"url": "https://www.suse.com/security/cve/CVE-2016-9794"
},
{
"category": "external",
"summary": "SUSE Bug 1013533 for CVE-2016-9794",
"url": "https://bugzilla.suse.com/1013533"
},
{
"category": "external",
"summary": "SUSE Bug 1013543 for CVE-2016-9794",
"url": "https://bugzilla.suse.com/1013543"
},
{
"category": "external",
"summary": "SUSE Bug 1013604 for CVE-2016-9794",
"url": "https://bugzilla.suse.com/1013604"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "important"
}
],
"title": "CVE-2016-9794"
},
{
"cve": "CVE-2017-5551",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5551"
}
],
"notes": [
{
"category": "general",
"text": "The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-7097.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5551",
"url": "https://www.suse.com/security/cve/CVE-2017-5551"
},
{
"category": "external",
"summary": "SUSE Bug 1021258 for CVE-2017-5551",
"url": "https://bugzilla.suse.com/1021258"
},
{
"category": "external",
"summary": "SUSE Bug 995968 for CVE-2017-5551",
"url": "https://bugzilla.suse.com/995968"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-68.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-68.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-04-25T14:34:26Z",
"details": "moderate"
}
],
"title": "CVE-2017-5551"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…