Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-1000253 (GCVE-0-2017-1000253)
Vulnerability from cvelistv5 – Published: 2017-10-04 01:00 – Updated: 2025-10-21 23:55
VLAI
EPSS
CISA KEV
Summary
Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm->mmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm->mmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm->mmap_base into the are that is supposed to be the "gap" between the stack and the binary.
Severity
7.8 (High)
SSVC
Exploitation: active
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Assigner
References
14 references
Impacted products
16 products
| Vendor | Product | Version | |
|---|---|---|---|
| centos | centos |
Affected:
6.0
cpe:2.3:o:centos:centos:6.0:*:*:*:*:*:*:* |
|
| centos | centos |
Affected:
6.1
cpe:2.3:o:centos:centos:6.1:*:*:*:*:*:*:* |
|
| centos | centos |
Affected:
6.2
cpe:2.3:o:centos:centos:6.2:*:*:*:*:*:*:* |
|
| centos | centos |
Affected:
6.3
cpe:2.3:o:centos:centos:6.3:*:*:*:*:*:*:* |
|
| centos | centos |
Affected:
6.4
cpe:2.3:o:centos:centos:6.4:*:*:*:*:*:*:* |
|
| centos | centos |
Affected:
6.5
cpe:2.3:o:centos:centos:6.5:*:*:*:*:*:*:* |
|
| centos | centos |
Affected:
6.6
cpe:2.3:o:centos:centos:6.6:*:*:*:*:*:*:* |
|
| centos | centos |
Affected:
6.7
cpe:2.3:o:centos:centos:6.7:*:*:*:*:*:*:* |
|
| centos | centos |
Affected:
6.8
cpe:2.3:o:centos:centos:6.8:*:*:*:*:*:*:* |
|
| centos | centos |
Affected:
6.9
cpe:2.3:o:centos:centos:6.9:*:*:*:*:*:*:* |
|
| centos | centos |
Affected:
7.1406
cpe:2.3:o:centos:centos:7.1406:*:*:*:*:*:*:* |
|
| centos | centos |
Affected:
7.1503
cpe:2.3:o:centos:centos:7.1503:*:*:*:*:*:*:* |
|
| centos | centos |
Affected:
7.1511
cpe:2.3:o:centos:centos:7.1511:*:*:*:*:*:*:* |
|
| centos | centos |
Affected:
7.1611
cpe:2.3:o:centos:centos:7.1611:*:*:*:*:*:*:* |
|
| redhat | enterprise_linux |
Affected:
6.0
Affected: 6.1 Affected: 6.2 Affected: 6.3 Affected: 6.4 Affected: 6.5 Affected: 6.6 Affected: 6.7 Affected: 6.8 Affected: 6.9 Affected: 7.0 Affected: 7.1 Affected: 7.2 Affected: 7.3 cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:* |
|
| linux | linux_kernel |
Affected:
2.6.25 , < 3.2.70
(custom)
Affected: 3.3 , < 3.4.109 (custom) Affected: 3.5 , < 3.10.77 (custom) Affected: 3.11 , < 3.12.43 (custom) Affected: 3.13 , < 3.14.41 (custom) Affected: 3.15 , < 3.16.35 (custom) Affected: 3.17 , < 3.18.14 (custom) Affected: 3.19 , < 3.19.7 (custom) Affected: 1.0 , < 4.0.2 (custom) cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* |
Date Public
2017-10-03 00:00
CISA KEV
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: 94a87d91-f9f4-4918-846a-7e551dd2363c
Exploited: Yes
Timestamps
First Seen: 2024-09-09
Asserted: 2024-09-09
Scope
Notes: KEV entry: Linux Kernel PIE Stack Buffer Corruption Vulnerability | Affected: Linux / Kernel | Description: Linux kernel contains a position-independent executable (PIE) stack buffer corruption vulnerability in load_elf_ binary() that allows a local attacker to escalate privileges. | Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. | Due date: 2024-09-30 | Known ransomware campaign use (KEV): Known | Notes (KEV): This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a87938b2e246b81b4fb713edb371a9fa3c5c3c86; https://nvd.nist.gov/vuln/detail/CVE-2017-1000253
Evidence
Type: Vendor Report
Signal: Successful Exploitation
Confidence: 80%
Source: cisa-kev
Details
| Cwes | CWE-119 |
|---|---|
| Feed | CISA Known Exploited Vulnerabilities Catalog |
| Product | Kernel |
| Due Date | 2024-09-30 |
| Date Added | 2024-09-09 |
| Vendorproject | Linux |
| Vulnerabilityname | Linux Kernel PIE Stack Buffer Corruption Vulnerability |
| Knownransomwarecampaignuse | Known |
References
Created: 2026-02-02 12:26 UTC
| Updated: 2026-02-06 07:17 UTC
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T22:00:39.693Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "RHSA-2017:2798",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2798"
},
{
"name": "RHSA-2017:2795",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2795"
},
{
"name": "1039434",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039434"
},
{
"name": "RHSA-2017:2801",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2801"
},
{
"name": "RHSA-2017:2796",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2796"
},
{
"name": "101010",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/101010"
},
{
"name": "RHSA-2017:2799",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2799"
},
{
"name": "RHSA-2017:2794",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2794"
},
{
"name": "RHSA-2017:2793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2793"
},
{
"name": "RHSA-2017:2797",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2797"
},
{
"name": "RHSA-2017:2802",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2802"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt"
},
{
"name": "RHSA-2017:2800",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2800"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:centos:centos:6.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "centos",
"vendor": "centos",
"versions": [
{
"status": "affected",
"version": "6.0"
}
]
},
{
"cpes": [
"cpe:2.3:o:centos:centos:6.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "centos",
"vendor": "centos",
"versions": [
{
"status": "affected",
"version": "6.1"
}
]
},
{
"cpes": [
"cpe:2.3:o:centos:centos:6.2:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "centos",
"vendor": "centos",
"versions": [
{
"status": "affected",
"version": "6.2"
}
]
},
{
"cpes": [
"cpe:2.3:o:centos:centos:6.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "centos",
"vendor": "centos",
"versions": [
{
"status": "affected",
"version": "6.3"
}
]
},
{
"cpes": [
"cpe:2.3:o:centos:centos:6.4:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "centos",
"vendor": "centos",
"versions": [
{
"status": "affected",
"version": "6.4"
}
]
},
{
"cpes": [
"cpe:2.3:o:centos:centos:6.5:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "centos",
"vendor": "centos",
"versions": [
{
"status": "affected",
"version": "6.5"
}
]
},
{
"cpes": [
"cpe:2.3:o:centos:centos:6.6:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "centos",
"vendor": "centos",
"versions": [
{
"status": "affected",
"version": "6.6"
}
]
},
{
"cpes": [
"cpe:2.3:o:centos:centos:6.7:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "centos",
"vendor": "centos",
"versions": [
{
"status": "affected",
"version": "6.7"
}
]
},
{
"cpes": [
"cpe:2.3:o:centos:centos:6.8:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "centos",
"vendor": "centos",
"versions": [
{
"status": "affected",
"version": "6.8"
}
]
},
{
"cpes": [
"cpe:2.3:o:centos:centos:6.9:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "centos",
"vendor": "centos",
"versions": [
{
"status": "affected",
"version": "6.9"
}
]
},
{
"cpes": [
"cpe:2.3:o:centos:centos:7.1406:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "centos",
"vendor": "centos",
"versions": [
{
"status": "affected",
"version": "7.1406"
}
]
},
{
"cpes": [
"cpe:2.3:o:centos:centos:7.1503:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "centos",
"vendor": "centos",
"versions": [
{
"status": "affected",
"version": "7.1503"
}
]
},
{
"cpes": [
"cpe:2.3:o:centos:centos:7.1511:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "centos",
"vendor": "centos",
"versions": [
{
"status": "affected",
"version": "7.1511"
}
]
},
{
"cpes": [
"cpe:2.3:o:centos:centos:7.1611:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "centos",
"vendor": "centos",
"versions": [
{
"status": "affected",
"version": "7.1611"
}
]
},
{
"cpes": [
"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "enterprise_linux",
"vendor": "redhat",
"versions": [
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "6.5"
},
{
"status": "affected",
"version": "6.6"
},
{
"status": "affected",
"version": "6.7"
},
{
"status": "affected",
"version": "6.8"
},
{
"status": "affected",
"version": "6.9"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
}
]
},
{
"cpes": [
"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "enterprise_linux",
"vendor": "redhat",
"versions": [
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "6.5"
},
{
"status": "affected",
"version": "6.6"
},
{
"status": "affected",
"version": "6.7"
},
{
"status": "affected",
"version": "6.8"
},
{
"status": "affected",
"version": "6.9"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
}
]
},
{
"cpes": [
"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "enterprise_linux",
"vendor": "redhat",
"versions": [
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "6.5"
},
{
"status": "affected",
"version": "6.6"
},
{
"status": "affected",
"version": "6.7"
},
{
"status": "affected",
"version": "6.8"
},
{
"status": "affected",
"version": "6.9"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
}
]
},
{
"cpes": [
"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "enterprise_linux",
"vendor": "redhat",
"versions": [
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "6.5"
},
{
"status": "affected",
"version": "6.6"
},
{
"status": "affected",
"version": "6.7"
},
{
"status": "affected",
"version": "6.8"
},
{
"status": "affected",
"version": "6.9"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
}
]
},
{
"cpes": [
"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "enterprise_linux",
"vendor": "redhat",
"versions": [
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "6.5"
},
{
"status": "affected",
"version": "6.6"
},
{
"status": "affected",
"version": "6.7"
},
{
"status": "affected",
"version": "6.8"
},
{
"status": "affected",
"version": "6.9"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
}
]
},
{
"cpes": [
"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "enterprise_linux",
"vendor": "redhat",
"versions": [
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "6.5"
},
{
"status": "affected",
"version": "6.6"
},
{
"status": "affected",
"version": "6.7"
},
{
"status": "affected",
"version": "6.8"
},
{
"status": "affected",
"version": "6.9"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
}
]
},
{
"cpes": [
"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "enterprise_linux",
"vendor": "redhat",
"versions": [
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "6.5"
},
{
"status": "affected",
"version": "6.6"
},
{
"status": "affected",
"version": "6.7"
},
{
"status": "affected",
"version": "6.8"
},
{
"status": "affected",
"version": "6.9"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
}
]
},
{
"cpes": [
"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "enterprise_linux",
"vendor": "redhat",
"versions": [
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "6.5"
},
{
"status": "affected",
"version": "6.6"
},
{
"status": "affected",
"version": "6.7"
},
{
"status": "affected",
"version": "6.8"
},
{
"status": "affected",
"version": "6.9"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
}
]
},
{
"cpes": [
"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "enterprise_linux",
"vendor": "redhat",
"versions": [
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "6.5"
},
{
"status": "affected",
"version": "6.6"
},
{
"status": "affected",
"version": "6.7"
},
{
"status": "affected",
"version": "6.8"
},
{
"status": "affected",
"version": "6.9"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
}
]
},
{
"cpes": [
"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "enterprise_linux",
"vendor": "redhat",
"versions": [
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "6.5"
},
{
"status": "affected",
"version": "6.6"
},
{
"status": "affected",
"version": "6.7"
},
{
"status": "affected",
"version": "6.8"
},
{
"status": "affected",
"version": "6.9"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
}
]
},
{
"cpes": [
"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "enterprise_linux",
"vendor": "redhat",
"versions": [
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "6.5"
},
{
"status": "affected",
"version": "6.6"
},
{
"status": "affected",
"version": "6.7"
},
{
"status": "affected",
"version": "6.8"
},
{
"status": "affected",
"version": "6.9"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
}
]
},
{
"cpes": [
"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "enterprise_linux",
"vendor": "redhat",
"versions": [
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "6.5"
},
{
"status": "affected",
"version": "6.6"
},
{
"status": "affected",
"version": "6.7"
},
{
"status": "affected",
"version": "6.8"
},
{
"status": "affected",
"version": "6.9"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
}
]
},
{
"cpes": [
"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "enterprise_linux",
"vendor": "redhat",
"versions": [
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "6.5"
},
{
"status": "affected",
"version": "6.6"
},
{
"status": "affected",
"version": "6.7"
},
{
"status": "affected",
"version": "6.8"
},
{
"status": "affected",
"version": "6.9"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
}
]
},
{
"cpes": [
"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*",
"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "enterprise_linux",
"vendor": "redhat",
"versions": [
{
"status": "affected",
"version": "6.0"
},
{
"status": "affected",
"version": "6.1"
},
{
"status": "affected",
"version": "6.2"
},
{
"status": "affected",
"version": "6.3"
},
{
"status": "affected",
"version": "6.4"
},
{
"status": "affected",
"version": "6.5"
},
{
"status": "affected",
"version": "6.6"
},
{
"status": "affected",
"version": "6.7"
},
{
"status": "affected",
"version": "6.8"
},
{
"status": "affected",
"version": "6.9"
},
{
"status": "affected",
"version": "7.0"
},
{
"status": "affected",
"version": "7.1"
},
{
"status": "affected",
"version": "7.2"
},
{
"status": "affected",
"version": "7.3"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "3.2.70",
"status": "affected",
"version": "2.6.25",
"versionType": "custom"
},
{
"lessThan": "3.4.109",
"status": "affected",
"version": "3.3",
"versionType": "custom"
},
{
"lessThan": "3.10.77",
"status": "affected",
"version": "3.5",
"versionType": "custom"
},
{
"lessThan": "3.12.43",
"status": "affected",
"version": "3.11",
"versionType": "custom"
},
{
"lessThan": "3.14.41",
"status": "affected",
"version": "3.13",
"versionType": "custom"
},
{
"lessThan": "3.16.35",
"status": "affected",
"version": "3.15",
"versionType": "custom"
},
{
"lessThan": "3.18.14",
"status": "affected",
"version": "3.17",
"versionType": "custom"
},
{
"lessThan": "3.19.7",
"status": "affected",
"version": "3.19",
"versionType": "custom"
},
{
"lessThan": "4.0.2",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "3.2.70",
"status": "affected",
"version": "2.6.25",
"versionType": "custom"
},
{
"lessThan": "3.4.109",
"status": "affected",
"version": "3.3",
"versionType": "custom"
},
{
"lessThan": "3.10.77",
"status": "affected",
"version": "3.5",
"versionType": "custom"
},
{
"lessThan": "3.12.43",
"status": "affected",
"version": "3.11",
"versionType": "custom"
},
{
"lessThan": "3.14.41",
"status": "affected",
"version": "3.13",
"versionType": "custom"
},
{
"lessThan": "3.16.35",
"status": "affected",
"version": "3.15",
"versionType": "custom"
},
{
"lessThan": "3.18.14",
"status": "affected",
"version": "3.17",
"versionType": "custom"
},
{
"lessThan": "3.19.7",
"status": "affected",
"version": "3.19",
"versionType": "custom"
},
{
"lessThan": "4.0.2",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "3.2.70",
"status": "affected",
"version": "2.6.25",
"versionType": "custom"
},
{
"lessThan": "3.4.109",
"status": "affected",
"version": "3.3",
"versionType": "custom"
},
{
"lessThan": "3.10.77",
"status": "affected",
"version": "3.5",
"versionType": "custom"
},
{
"lessThan": "3.12.43",
"status": "affected",
"version": "3.11",
"versionType": "custom"
},
{
"lessThan": "3.14.41",
"status": "affected",
"version": "3.13",
"versionType": "custom"
},
{
"lessThan": "3.16.35",
"status": "affected",
"version": "3.15",
"versionType": "custom"
},
{
"lessThan": "3.18.14",
"status": "affected",
"version": "3.17",
"versionType": "custom"
},
{
"lessThan": "3.19.7",
"status": "affected",
"version": "3.19",
"versionType": "custom"
},
{
"lessThan": "4.0.2",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "3.2.70",
"status": "affected",
"version": "2.6.25",
"versionType": "custom"
},
{
"lessThan": "3.4.109",
"status": "affected",
"version": "3.3",
"versionType": "custom"
},
{
"lessThan": "3.10.77",
"status": "affected",
"version": "3.5",
"versionType": "custom"
},
{
"lessThan": "3.12.43",
"status": "affected",
"version": "3.11",
"versionType": "custom"
},
{
"lessThan": "3.14.41",
"status": "affected",
"version": "3.13",
"versionType": "custom"
},
{
"lessThan": "3.16.35",
"status": "affected",
"version": "3.15",
"versionType": "custom"
},
{
"lessThan": "3.18.14",
"status": "affected",
"version": "3.17",
"versionType": "custom"
},
{
"lessThan": "3.19.7",
"status": "affected",
"version": "3.19",
"versionType": "custom"
},
{
"lessThan": "4.0.2",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "3.2.70",
"status": "affected",
"version": "2.6.25",
"versionType": "custom"
},
{
"lessThan": "3.4.109",
"status": "affected",
"version": "3.3",
"versionType": "custom"
},
{
"lessThan": "3.10.77",
"status": "affected",
"version": "3.5",
"versionType": "custom"
},
{
"lessThan": "3.12.43",
"status": "affected",
"version": "3.11",
"versionType": "custom"
},
{
"lessThan": "3.14.41",
"status": "affected",
"version": "3.13",
"versionType": "custom"
},
{
"lessThan": "3.16.35",
"status": "affected",
"version": "3.15",
"versionType": "custom"
},
{
"lessThan": "3.18.14",
"status": "affected",
"version": "3.17",
"versionType": "custom"
},
{
"lessThan": "3.19.7",
"status": "affected",
"version": "3.19",
"versionType": "custom"
},
{
"lessThan": "4.0.2",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "3.2.70",
"status": "affected",
"version": "2.6.25",
"versionType": "custom"
},
{
"lessThan": "3.4.109",
"status": "affected",
"version": "3.3",
"versionType": "custom"
},
{
"lessThan": "3.10.77",
"status": "affected",
"version": "3.5",
"versionType": "custom"
},
{
"lessThan": "3.12.43",
"status": "affected",
"version": "3.11",
"versionType": "custom"
},
{
"lessThan": "3.14.41",
"status": "affected",
"version": "3.13",
"versionType": "custom"
},
{
"lessThan": "3.16.35",
"status": "affected",
"version": "3.15",
"versionType": "custom"
},
{
"lessThan": "3.18.14",
"status": "affected",
"version": "3.17",
"versionType": "custom"
},
{
"lessThan": "3.19.7",
"status": "affected",
"version": "3.19",
"versionType": "custom"
},
{
"lessThan": "4.0.2",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "3.2.70",
"status": "affected",
"version": "2.6.25",
"versionType": "custom"
},
{
"lessThan": "3.4.109",
"status": "affected",
"version": "3.3",
"versionType": "custom"
},
{
"lessThan": "3.10.77",
"status": "affected",
"version": "3.5",
"versionType": "custom"
},
{
"lessThan": "3.12.43",
"status": "affected",
"version": "3.11",
"versionType": "custom"
},
{
"lessThan": "3.14.41",
"status": "affected",
"version": "3.13",
"versionType": "custom"
},
{
"lessThan": "3.16.35",
"status": "affected",
"version": "3.15",
"versionType": "custom"
},
{
"lessThan": "3.18.14",
"status": "affected",
"version": "3.17",
"versionType": "custom"
},
{
"lessThan": "3.19.7",
"status": "affected",
"version": "3.19",
"versionType": "custom"
},
{
"lessThan": "4.0.2",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "3.2.70",
"status": "affected",
"version": "2.6.25",
"versionType": "custom"
},
{
"lessThan": "3.4.109",
"status": "affected",
"version": "3.3",
"versionType": "custom"
},
{
"lessThan": "3.10.77",
"status": "affected",
"version": "3.5",
"versionType": "custom"
},
{
"lessThan": "3.12.43",
"status": "affected",
"version": "3.11",
"versionType": "custom"
},
{
"lessThan": "3.14.41",
"status": "affected",
"version": "3.13",
"versionType": "custom"
},
{
"lessThan": "3.16.35",
"status": "affected",
"version": "3.15",
"versionType": "custom"
},
{
"lessThan": "3.18.14",
"status": "affected",
"version": "3.17",
"versionType": "custom"
},
{
"lessThan": "3.19.7",
"status": "affected",
"version": "3.19",
"versionType": "custom"
},
{
"lessThan": "4.0.2",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "linux_kernel",
"vendor": "linux",
"versions": [
{
"lessThan": "3.2.70",
"status": "affected",
"version": "2.6.25",
"versionType": "custom"
},
{
"lessThan": "3.4.109",
"status": "affected",
"version": "3.3",
"versionType": "custom"
},
{
"lessThan": "3.10.77",
"status": "affected",
"version": "3.5",
"versionType": "custom"
},
{
"lessThan": "3.12.43",
"status": "affected",
"version": "3.11",
"versionType": "custom"
},
{
"lessThan": "3.14.41",
"status": "affected",
"version": "3.13",
"versionType": "custom"
},
{
"lessThan": "3.16.35",
"status": "affected",
"version": "3.15",
"versionType": "custom"
},
{
"lessThan": "3.18.14",
"status": "affected",
"version": "3.17",
"versionType": "custom"
},
{
"lessThan": "3.19.7",
"status": "affected",
"version": "3.19",
"versionType": "custom"
},
{
"lessThan": "4.0.2",
"status": "affected",
"version": "1.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2017-1000253",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T03:55:15.715774Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2024-09-09",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-1000253"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-119",
"description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T23:55:32.192Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-1000253"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-09-09T00:00:00.000Z",
"value": "CVE-2017-1000253 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"dateAssigned": "2017-09-25T00:00:00.000Z",
"datePublic": "2017-10-03T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm-\u003emmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm-\u003emmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm-\u003emmap_base into the are that is supposed to be the \"gap\" between the stack and the binary."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-08T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "RHSA-2017:2798",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2798"
},
{
"name": "RHSA-2017:2795",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2795"
},
{
"name": "1039434",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039434"
},
{
"name": "RHSA-2017:2801",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2801"
},
{
"name": "RHSA-2017:2796",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2796"
},
{
"name": "101010",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/101010"
},
{
"name": "RHSA-2017:2799",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2799"
},
{
"name": "RHSA-2017:2794",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2794"
},
{
"name": "RHSA-2017:2793",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2793"
},
{
"name": "RHSA-2017:2797",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2797"
},
{
"name": "RHSA-2017:2802",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2802"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt"
},
{
"name": "RHSA-2017:2800",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2800"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_ASSIGNED": "2017-09-25",
"ID": "CVE-2017-1000253",
"REQUESTER": "qsa@qualys.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm-\u003emmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm-\u003emmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm-\u003emmap_base into the are that is supposed to be the \"gap\" between the stack and the binary."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2017:2798",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2798"
},
{
"name": "RHSA-2017:2795",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2795"
},
{
"name": "1039434",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039434"
},
{
"name": "RHSA-2017:2801",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2801"
},
{
"name": "RHSA-2017:2796",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2796"
},
{
"name": "101010",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/101010"
},
{
"name": "RHSA-2017:2799",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2799"
},
{
"name": "RHSA-2017:2794",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2794"
},
{
"name": "RHSA-2017:2793",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2793"
},
{
"name": "RHSA-2017:2797",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2797"
},
{
"name": "RHSA-2017:2802",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2802"
},
{
"name": "https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt",
"refsource": "MISC",
"url": "https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt"
},
{
"name": "RHSA-2017:2800",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2800"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-1000253",
"datePublished": "2017-10-04T01:00:00.000Z",
"dateReserved": "2017-10-03T00:00:00.000Z",
"dateUpdated": "2025-10-21T23:55:32.192Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2017-1000253",
"cwes": "[\"CWE-119\"]",
"dateAdded": "2024-09-09",
"dueDate": "2024-09-30",
"knownRansomwareCampaignUse": "Known",
"notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a87938b2e246b81b4fb713edb371a9fa3c5c3c86; https://nvd.nist.gov/vuln/detail/CVE-2017-1000253",
"product": "Kernel",
"requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"shortDescription": "Linux kernel contains a position-independent executable (PIE) stack buffer corruption vulnerability in load_elf_ binary() that allows a local attacker to escalate privileges. ",
"vendorProject": "Linux",
"vulnerabilityName": "Linux Kernel PIE Stack Buffer Corruption Vulnerability "
},
"epss": {
"cve": "CVE-2017-1000253",
"date": "2026-06-03",
"epss": "0.57266",
"percentile": "0.98185"
},
"fkie_nvd": {
"cisaActionDue": "2024-09-30",
"cisaExploitAdd": "2024-09-09",
"cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
"cisaVulnerabilityName": "Linux Kernel PIE Stack Buffer Corruption Vulnerability ",
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:centos:centos:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"ED1C5E1D-21F5-46FA-89F6-A9B7E4BC94EE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:centos:centos:6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"455E5124-9EC1-4C73-997B-212D9DDC5949\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:centos:centos:6.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E3652270-3566-49BF-9235-EE041EF87E63\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:centos:centos:6.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FAE1DFBF-E5FF-42B1-B58C-34C94A8AB65F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:centos:centos:6.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"76CA16D1-B633-4E1A-A769-1587B4DFE09C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:centos:centos:6.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D880E621-F60A-4EDB-B3A5-93411DDF0E36\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:centos:centos:6.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FDA91BDF-A89A-4EE1-AED9-9523B5C1DD7A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:centos:centos:6.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"444146DF-7ACE-4D4A-AA39-CD17D4ADDD98\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:centos:centos:6.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"48FE5EA8-A978-464D-89E1-1AD187C92D2A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:centos:centos:6.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9420109A-E62E-40F9-9B82-EF9D5431680C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:centos:centos:7.1406:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"27A0A2BB-D332-428B-AE50-3A5EC0551C79\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:centos:centos:7.1503:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AE32F8A2-B456-40CF-A6C0-27B8B9096A83\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:centos:centos:7.1511:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"25459148-714C-4322-847A-FFF4D9B37EBF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:centos:centos:7.1611:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3EB71F04-DF1E-48CE-BC2F-3A6A47C025BC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D5A165C-3721-4A87-839F-BD4F6778DA77\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A1F55A9-FAAF-4751-BA6A-93CDB31B11C6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9045284A-C762-4913-B5AF-8499235F969C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"905EC4D0-7604-476A-8176-9FFCEB1DC6B1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"564DCCFD-77BF-4FB1-A0A0-96104B154282\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"467A831E-C63B-476F-A71F-8FB52556BC45\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"84FF61DF-D634-4FB5-8DF1-01F631BE1A7A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"243980B8-4044-4776-B521-F9D709E68CCB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"39A7795D-CFD3-4643-A7A1-7AD7629B5511\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"266EA1B3-526F-4D12-873E-08CE3861AEA6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2E4DC974-235F-4655-966F-2490A4C4E490\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B99A2411-7F6A-457F-A7BF-EB13C630F902\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.6.25\", \"versionEndExcluding\": \"3.2.70\", \"matchCriteriaId\": \"64B31F8B-955E-437A-BD1C-8FDBC53CA2EA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.3\", \"versionEndExcluding\": \"3.4.109\", \"matchCriteriaId\": \"6548E1CE-CC24-4E01-A277-1424BE536777\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.5\", \"versionEndExcluding\": \"3.10.77\", \"matchCriteriaId\": \"F018224B-768E-407A-AEA6-5CEFAC65534C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.11\", \"versionEndExcluding\": \"3.12.43\", \"matchCriteriaId\": \"3677661A-9F24-4A1D-A66A-DF9330DF6DB9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.13\", \"versionEndExcluding\": \"3.14.41\", \"matchCriteriaId\": \"E439BE91-83E3-4795-9E2D-C174EE1B84F5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.15\", \"versionEndExcluding\": \"3.16.35\", \"matchCriteriaId\": \"7DC4BA70-B111-4D2E-BC78-6601CED68F08\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.17\", \"versionEndExcluding\": \"3.18.14\", \"matchCriteriaId\": \"0BB16F9A-A3E5-4CAC-905D-F60426BBAD9D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.19\", \"versionEndExcluding\": \"3.19.7\", \"matchCriteriaId\": \"25099C5E-E14E-44D4-8482-0F87E1A22572\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.0\", \"versionEndExcluding\": \"4.0.2\", \"matchCriteriaId\": \"AB190AE4-287F-40B5-AC62-0B1E50DBE00D\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm-\u003emmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm-\u003emmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm-\u003emmap_base into the are that is supposed to be the \\\"gap\\\" between the stack and the binary.\"}, {\"lang\": \"es\", \"value\": \"Existe una vulnerabilidad en las distribuciones de Linux que no han parcheado sus kernels de largo mantenimiento con https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (confirmada el 14 de abril de 2015). Esta vulnerabilidad en los kernels se parche\\u00f3 en abril de 2015 por el commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (aplicado a Linux 3.10.77 en mayo de 2015), pero no se reconoci\\u00f3 como amenaza de seguridad. Con CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE habilitado y una estrategia vertical normal de asignaci\\u00f3n de direcciones, load_elf_binary() intentar\\u00e1 mapear un binario PIE en un rango de direcciones inmediatamente inferior a mm-\u003emmap_base. Por desgracia, load_elf_ binary() no tiene en cuenta la necesidad de asignar el suficiente espacio para todo el binario, lo que significa que, estando el primer segmento PT_LOAD est\\u00e1 mapeado bajo mm-\u003emmap_base, los siguientes segmentos PT_LOAD acaban mapeados sobre mm-\u003emmap_base en el \\u00e1rea que deber\\u00eda ser el \\\"hueco\\\" entre la pila y el binario.\"}]",
"id": "CVE-2017-1000253",
"lastModified": "2024-11-21T03:04:30.343",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 3.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2017-10-05T01:29:04.790",
"references": "[{\"url\": \"http://www.securityfocus.com/bid/101010\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1039434\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2793\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2794\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2795\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2796\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2797\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2798\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2799\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2800\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2801\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2802\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/101010\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1039434\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2793\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2794\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2795\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2796\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2797\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2798\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2799\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2800\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2801\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2802\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}, {\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2017-1000253\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-10-05T01:29:04.790\",\"lastModified\":\"2026-04-21T18:00:48.183\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm-\u003emmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm-\u003emmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm-\u003emmap_base into the are that is supposed to be the \\\"gap\\\" between the stack and the binary.\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad en las distribuciones de Linux que no han parcheado sus kernels de largo mantenimiento con https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (confirmada el 14 de abril de 2015). Esta vulnerabilidad en los kernels se parche\u00f3 en abril de 2015 por el commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (aplicado a Linux 3.10.77 en mayo de 2015), pero no se reconoci\u00f3 como amenaza de seguridad. Con CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE habilitado y una estrategia vertical normal de asignaci\u00f3n de direcciones, load_elf_binary() intentar\u00e1 mapear un binario PIE en un rango de direcciones inmediatamente inferior a mm-\u003emmap_base. Por desgracia, load_elf_ binary() no tiene en cuenta la necesidad de asignar el suficiente espacio para todo el binario, lo que significa que, estando el primer segmento PT_LOAD est\u00e1 mapeado bajo mm-\u003emmap_base, los siguientes segmentos PT_LOAD acaban mapeados sobre mm-\u003emmap_base en el \u00e1rea que deber\u00eda ser el \\\"hueco\\\" entre la pila y el binario.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2024-09-09\",\"cisaActionDue\":\"2024-09-30\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"Linux Kernel PIE Stack Buffer Corruption Vulnerability \",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:centos:centos:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED1C5E1D-21F5-46FA-89F6-A9B7E4BC94EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:centos:centos:6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"455E5124-9EC1-4C73-997B-212D9DDC5949\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:centos:centos:6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3652270-3566-49BF-9235-EE041EF87E63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:centos:centos:6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FAE1DFBF-E5FF-42B1-B58C-34C94A8AB65F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:centos:centos:6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76CA16D1-B633-4E1A-A769-1587B4DFE09C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:centos:centos:6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D880E621-F60A-4EDB-B3A5-93411DDF0E36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:centos:centos:6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDA91BDF-A89A-4EE1-AED9-9523B5C1DD7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:centos:centos:6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"444146DF-7ACE-4D4A-AA39-CD17D4ADDD98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:centos:centos:6.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48FE5EA8-A978-464D-89E1-1AD187C92D2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:centos:centos:6.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9420109A-E62E-40F9-9B82-EF9D5431680C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:centos:centos:7.1406:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27A0A2BB-D332-428B-AE50-3A5EC0551C79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:centos:centos:7.1503:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE32F8A2-B456-40CF-A6C0-27B8B9096A83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:centos:centos:7.1511:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25459148-714C-4322-847A-FFF4D9B37EBF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:centos:centos:7.1611:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EB71F04-DF1E-48CE-BC2F-3A6A47C025BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D5A165C-3721-4A87-839F-BD4F6778DA77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A1F55A9-FAAF-4751-BA6A-93CDB31B11C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9045284A-C762-4913-B5AF-8499235F969C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"905EC4D0-7604-476A-8176-9FFCEB1DC6B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"564DCCFD-77BF-4FB1-A0A0-96104B154282\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"467A831E-C63B-476F-A71F-8FB52556BC45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84FF61DF-D634-4FB5-8DF1-01F631BE1A7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"243980B8-4044-4776-B521-F9D709E68CCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39A7795D-CFD3-4643-A7A1-7AD7629B5511\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"266EA1B3-526F-4D12-873E-08CE3861AEA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E4DC974-235F-4655-966F-2490A4C4E490\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B99A2411-7F6A-457F-A7BF-EB13C630F902\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.6.25\",\"versionEndExcluding\":\"3.2.70\",\"matchCriteriaId\":\"64B31F8B-955E-437A-BD1C-8FDBC53CA2EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.3\",\"versionEndExcluding\":\"3.4.109\",\"matchCriteriaId\":\"6548E1CE-CC24-4E01-A277-1424BE536777\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.5\",\"versionEndExcluding\":\"3.10.77\",\"matchCriteriaId\":\"F018224B-768E-407A-AEA6-5CEFAC65534C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.11\",\"versionEndExcluding\":\"3.12.43\",\"matchCriteriaId\":\"3677661A-9F24-4A1D-A66A-DF9330DF6DB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.13\",\"versionEndExcluding\":\"3.14.41\",\"matchCriteriaId\":\"E439BE91-83E3-4795-9E2D-C174EE1B84F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.15\",\"versionEndExcluding\":\"3.16.35\",\"matchCriteriaId\":\"7DC4BA70-B111-4D2E-BC78-6601CED68F08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.17\",\"versionEndExcluding\":\"3.18.14\",\"matchCriteriaId\":\"0BB16F9A-A3E5-4CAC-905D-F60426BBAD9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.19\",\"versionEndExcluding\":\"3.19.7\",\"matchCriteriaId\":\"25099C5E-E14E-44D4-8482-0F87E1A22572\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.0\",\"versionEndExcluding\":\"4.0.2\",\"matchCriteriaId\":\"AB190AE4-287F-40B5-AC62-0B1E50DBE00D\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/101010\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039434\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2793\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2794\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2795\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2796\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2797\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2798\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2799\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2800\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2801\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2802\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/101010\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039434\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2793\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2794\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2795\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2796\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2797\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2798\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2799\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2800\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2801\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2802\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-1000253\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2017:2798\", \"name\": \"RHSA-2017:2798\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2795\", \"name\": \"RHSA-2017:2795\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://www.securitytracker.com/id/1039434\", \"name\": \"1039434\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2801\", \"name\": \"RHSA-2017:2801\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2796\", \"name\": \"RHSA-2017:2796\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/101010\", \"name\": \"101010\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2799\", \"name\": \"RHSA-2017:2799\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2794\", \"name\": \"RHSA-2017:2794\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2793\", \"name\": \"RHSA-2017:2793\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2797\", \"name\": \"RHSA-2017:2797\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2802\", \"name\": \"RHSA-2017:2802\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2800\", \"name\": \"RHSA-2017:2800\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-05T22:00:39.693Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2017-1000253\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-10T03:55:15.715774Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2024-09-09\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-1000253\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:o:centos:centos:6.0:*:*:*:*:*:*:*\"], \"vendor\": \"centos\", \"product\": \"centos\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.0\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:centos:centos:6.1:*:*:*:*:*:*:*\"], \"vendor\": \"centos\", \"product\": \"centos\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.1\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:centos:centos:6.2:*:*:*:*:*:*:*\"], \"vendor\": \"centos\", \"product\": \"centos\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.2\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:centos:centos:6.3:*:*:*:*:*:*:*\"], \"vendor\": \"centos\", \"product\": \"centos\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.3\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:centos:centos:6.4:*:*:*:*:*:*:*\"], \"vendor\": \"centos\", \"product\": \"centos\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.4\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:centos:centos:6.5:*:*:*:*:*:*:*\"], \"vendor\": \"centos\", \"product\": \"centos\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.5\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:centos:centos:6.6:*:*:*:*:*:*:*\"], \"vendor\": \"centos\", \"product\": \"centos\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.6\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:centos:centos:6.7:*:*:*:*:*:*:*\"], \"vendor\": \"centos\", \"product\": \"centos\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.7\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:centos:centos:6.8:*:*:*:*:*:*:*\"], \"vendor\": \"centos\", \"product\": \"centos\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.8\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:centos:centos:6.9:*:*:*:*:*:*:*\"], \"vendor\": \"centos\", \"product\": \"centos\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.9\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:centos:centos:7.1406:*:*:*:*:*:*:*\"], \"vendor\": \"centos\", \"product\": \"centos\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.1406\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:centos:centos:7.1503:*:*:*:*:*:*:*\"], \"vendor\": \"centos\", \"product\": \"centos\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.1503\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:centos:centos:7.1511:*:*:*:*:*:*:*\"], \"vendor\": \"centos\", \"product\": \"centos\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.1511\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:centos:centos:7.1611:*:*:*:*:*:*:*\"], \"vendor\": \"centos\", \"product\": \"centos\", \"versions\": [{\"status\": \"affected\", \"version\": \"7.1611\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*\"], \"vendor\": \"redhat\", \"product\": \"enterprise_linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.0\"}, {\"status\": \"affected\", \"version\": \"6.1\"}, {\"status\": \"affected\", \"version\": \"6.2\"}, {\"status\": \"affected\", \"version\": \"6.3\"}, {\"status\": \"affected\", \"version\": \"6.4\"}, {\"status\": \"affected\", \"version\": \"6.5\"}, {\"status\": \"affected\", \"version\": \"6.6\"}, {\"status\": \"affected\", \"version\": \"6.7\"}, {\"status\": \"affected\", \"version\": \"6.8\"}, {\"status\": \"affected\", \"version\": \"6.9\"}, {\"status\": \"affected\", \"version\": \"7.0\"}, {\"status\": \"affected\", \"version\": \"7.1\"}, {\"status\": \"affected\", \"version\": \"7.2\"}, {\"status\": \"affected\", \"version\": \"7.3\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*\"], \"vendor\": \"redhat\", \"product\": \"enterprise_linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.0\"}, {\"status\": \"affected\", \"version\": \"6.1\"}, {\"status\": \"affected\", \"version\": \"6.2\"}, {\"status\": \"affected\", \"version\": \"6.3\"}, {\"status\": \"affected\", \"version\": \"6.4\"}, {\"status\": \"affected\", \"version\": \"6.5\"}, {\"status\": \"affected\", \"version\": \"6.6\"}, {\"status\": \"affected\", \"version\": \"6.7\"}, {\"status\": \"affected\", \"version\": \"6.8\"}, {\"status\": \"affected\", \"version\": \"6.9\"}, {\"status\": \"affected\", \"version\": \"7.0\"}, {\"status\": \"affected\", \"version\": \"7.1\"}, {\"status\": \"affected\", \"version\": \"7.2\"}, {\"status\": \"affected\", \"version\": \"7.3\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*\"], \"vendor\": \"redhat\", \"product\": \"enterprise_linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.0\"}, {\"status\": \"affected\", \"version\": \"6.1\"}, {\"status\": \"affected\", \"version\": \"6.2\"}, {\"status\": \"affected\", \"version\": \"6.3\"}, {\"status\": \"affected\", \"version\": \"6.4\"}, {\"status\": \"affected\", \"version\": \"6.5\"}, {\"status\": \"affected\", \"version\": \"6.6\"}, {\"status\": \"affected\", \"version\": \"6.7\"}, {\"status\": \"affected\", \"version\": \"6.8\"}, {\"status\": \"affected\", \"version\": \"6.9\"}, {\"status\": \"affected\", \"version\": \"7.0\"}, {\"status\": \"affected\", \"version\": \"7.1\"}, {\"status\": \"affected\", \"version\": \"7.2\"}, {\"status\": \"affected\", \"version\": \"7.3\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*\"], \"vendor\": \"redhat\", \"product\": \"enterprise_linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.0\"}, {\"status\": \"affected\", \"version\": \"6.1\"}, {\"status\": \"affected\", \"version\": \"6.2\"}, {\"status\": \"affected\", \"version\": \"6.3\"}, {\"status\": \"affected\", \"version\": \"6.4\"}, {\"status\": \"affected\", \"version\": \"6.5\"}, {\"status\": \"affected\", \"version\": \"6.6\"}, {\"status\": \"affected\", \"version\": \"6.7\"}, {\"status\": \"affected\", \"version\": \"6.8\"}, {\"status\": \"affected\", \"version\": \"6.9\"}, {\"status\": \"affected\", \"version\": \"7.0\"}, {\"status\": \"affected\", \"version\": \"7.1\"}, {\"status\": \"affected\", \"version\": \"7.2\"}, {\"status\": \"affected\", \"version\": \"7.3\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*\"], \"vendor\": \"redhat\", \"product\": \"enterprise_linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.0\"}, {\"status\": \"affected\", \"version\": \"6.1\"}, {\"status\": \"affected\", \"version\": \"6.2\"}, {\"status\": \"affected\", \"version\": \"6.3\"}, {\"status\": \"affected\", \"version\": \"6.4\"}, {\"status\": \"affected\", \"version\": \"6.5\"}, {\"status\": \"affected\", \"version\": \"6.6\"}, {\"status\": \"affected\", \"version\": \"6.7\"}, {\"status\": \"affected\", \"version\": \"6.8\"}, {\"status\": \"affected\", \"version\": \"6.9\"}, {\"status\": \"affected\", \"version\": \"7.0\"}, {\"status\": \"affected\", \"version\": \"7.1\"}, {\"status\": \"affected\", \"version\": \"7.2\"}, {\"status\": \"affected\", \"version\": \"7.3\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*\"], \"vendor\": \"redhat\", \"product\": \"enterprise_linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.0\"}, {\"status\": \"affected\", \"version\": \"6.1\"}, {\"status\": \"affected\", \"version\": \"6.2\"}, {\"status\": \"affected\", \"version\": \"6.3\"}, {\"status\": \"affected\", \"version\": \"6.4\"}, {\"status\": \"affected\", \"version\": \"6.5\"}, {\"status\": \"affected\", \"version\": \"6.6\"}, {\"status\": \"affected\", \"version\": \"6.7\"}, {\"status\": \"affected\", \"version\": \"6.8\"}, {\"status\": \"affected\", \"version\": \"6.9\"}, {\"status\": \"affected\", \"version\": \"7.0\"}, {\"status\": \"affected\", \"version\": \"7.1\"}, {\"status\": \"affected\", \"version\": \"7.2\"}, {\"status\": \"affected\", \"version\": \"7.3\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*\"], \"vendor\": \"redhat\", \"product\": \"enterprise_linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.0\"}, {\"status\": \"affected\", \"version\": \"6.1\"}, {\"status\": \"affected\", \"version\": \"6.2\"}, {\"status\": \"affected\", \"version\": \"6.3\"}, {\"status\": \"affected\", \"version\": \"6.4\"}, {\"status\": \"affected\", \"version\": \"6.5\"}, {\"status\": \"affected\", \"version\": \"6.6\"}, {\"status\": \"affected\", \"version\": \"6.7\"}, {\"status\": \"affected\", \"version\": \"6.8\"}, {\"status\": \"affected\", \"version\": \"6.9\"}, {\"status\": \"affected\", \"version\": \"7.0\"}, {\"status\": \"affected\", \"version\": \"7.1\"}, {\"status\": \"affected\", \"version\": \"7.2\"}, {\"status\": \"affected\", \"version\": \"7.3\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*\"], \"vendor\": \"redhat\", \"product\": \"enterprise_linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.0\"}, {\"status\": \"affected\", \"version\": \"6.1\"}, {\"status\": \"affected\", \"version\": \"6.2\"}, {\"status\": \"affected\", \"version\": \"6.3\"}, {\"status\": \"affected\", \"version\": \"6.4\"}, {\"status\": \"affected\", \"version\": \"6.5\"}, {\"status\": \"affected\", \"version\": \"6.6\"}, {\"status\": \"affected\", \"version\": \"6.7\"}, {\"status\": \"affected\", \"version\": \"6.8\"}, {\"status\": \"affected\", \"version\": \"6.9\"}, {\"status\": \"affected\", \"version\": \"7.0\"}, {\"status\": \"affected\", \"version\": \"7.1\"}, {\"status\": \"affected\", \"version\": \"7.2\"}, {\"status\": \"affected\", \"version\": \"7.3\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*\"], \"vendor\": \"redhat\", \"product\": \"enterprise_linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.0\"}, {\"status\": \"affected\", \"version\": \"6.1\"}, {\"status\": \"affected\", \"version\": \"6.2\"}, {\"status\": \"affected\", \"version\": \"6.3\"}, {\"status\": \"affected\", \"version\": \"6.4\"}, {\"status\": \"affected\", \"version\": \"6.5\"}, {\"status\": \"affected\", \"version\": \"6.6\"}, {\"status\": \"affected\", \"version\": \"6.7\"}, {\"status\": \"affected\", \"version\": \"6.8\"}, {\"status\": \"affected\", \"version\": \"6.9\"}, {\"status\": \"affected\", \"version\": \"7.0\"}, {\"status\": \"affected\", \"version\": \"7.1\"}, {\"status\": \"affected\", \"version\": \"7.2\"}, {\"status\": \"affected\", \"version\": \"7.3\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*\"], \"vendor\": \"redhat\", \"product\": \"enterprise_linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.0\"}, {\"status\": \"affected\", \"version\": \"6.1\"}, {\"status\": \"affected\", \"version\": \"6.2\"}, {\"status\": \"affected\", \"version\": \"6.3\"}, {\"status\": \"affected\", \"version\": \"6.4\"}, {\"status\": \"affected\", \"version\": \"6.5\"}, {\"status\": \"affected\", \"version\": \"6.6\"}, {\"status\": \"affected\", \"version\": \"6.7\"}, {\"status\": \"affected\", \"version\": \"6.8\"}, {\"status\": \"affected\", \"version\": \"6.9\"}, {\"status\": \"affected\", \"version\": \"7.0\"}, {\"status\": \"affected\", \"version\": \"7.1\"}, {\"status\": \"affected\", \"version\": \"7.2\"}, {\"status\": \"affected\", \"version\": \"7.3\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*\"], \"vendor\": \"redhat\", \"product\": \"enterprise_linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.0\"}, {\"status\": \"affected\", \"version\": \"6.1\"}, {\"status\": \"affected\", \"version\": \"6.2\"}, {\"status\": \"affected\", \"version\": \"6.3\"}, {\"status\": \"affected\", \"version\": \"6.4\"}, {\"status\": \"affected\", \"version\": \"6.5\"}, {\"status\": \"affected\", \"version\": \"6.6\"}, {\"status\": \"affected\", \"version\": \"6.7\"}, {\"status\": \"affected\", \"version\": \"6.8\"}, {\"status\": \"affected\", \"version\": \"6.9\"}, {\"status\": \"affected\", \"version\": \"7.0\"}, {\"status\": \"affected\", \"version\": \"7.1\"}, {\"status\": \"affected\", \"version\": \"7.2\"}, {\"status\": \"affected\", \"version\": \"7.3\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*\"], \"vendor\": \"redhat\", \"product\": \"enterprise_linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.0\"}, {\"status\": \"affected\", \"version\": \"6.1\"}, {\"status\": \"affected\", \"version\": \"6.2\"}, {\"status\": \"affected\", \"version\": \"6.3\"}, {\"status\": \"affected\", \"version\": \"6.4\"}, {\"status\": \"affected\", \"version\": \"6.5\"}, {\"status\": \"affected\", \"version\": \"6.6\"}, {\"status\": \"affected\", \"version\": \"6.7\"}, {\"status\": \"affected\", \"version\": \"6.8\"}, {\"status\": \"affected\", \"version\": \"6.9\"}, {\"status\": \"affected\", \"version\": \"7.0\"}, {\"status\": \"affected\", \"version\": \"7.1\"}, {\"status\": \"affected\", \"version\": \"7.2\"}, {\"status\": \"affected\", \"version\": \"7.3\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*\"], \"vendor\": \"redhat\", \"product\": \"enterprise_linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.0\"}, {\"status\": \"affected\", \"version\": \"6.1\"}, {\"status\": \"affected\", \"version\": \"6.2\"}, {\"status\": \"affected\", \"version\": \"6.3\"}, {\"status\": \"affected\", \"version\": \"6.4\"}, {\"status\": \"affected\", \"version\": \"6.5\"}, {\"status\": \"affected\", \"version\": \"6.6\"}, {\"status\": \"affected\", \"version\": \"6.7\"}, {\"status\": \"affected\", \"version\": \"6.8\"}, {\"status\": \"affected\", \"version\": \"6.9\"}, {\"status\": \"affected\", \"version\": \"7.0\"}, {\"status\": \"affected\", \"version\": \"7.1\"}, {\"status\": \"affected\", \"version\": \"7.2\"}, {\"status\": \"affected\", \"version\": \"7.3\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*\", \"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*\"], \"vendor\": \"redhat\", \"product\": \"enterprise_linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.0\"}, {\"status\": \"affected\", \"version\": \"6.1\"}, {\"status\": \"affected\", \"version\": \"6.2\"}, {\"status\": \"affected\", \"version\": \"6.3\"}, {\"status\": \"affected\", \"version\": \"6.4\"}, {\"status\": \"affected\", \"version\": \"6.5\"}, {\"status\": \"affected\", \"version\": \"6.6\"}, {\"status\": \"affected\", \"version\": \"6.7\"}, {\"status\": \"affected\", \"version\": \"6.8\"}, {\"status\": \"affected\", \"version\": \"6.9\"}, {\"status\": \"affected\", \"version\": \"7.0\"}, {\"status\": \"affected\", \"version\": \"7.1\"}, {\"status\": \"affected\", \"version\": \"7.2\"}, {\"status\": \"affected\", \"version\": \"7.3\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\"], \"vendor\": \"linux\", \"product\": \"linux_kernel\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.6.25\", \"lessThan\": \"3.2.70\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.3\", \"lessThan\": \"3.4.109\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.5\", \"lessThan\": \"3.10.77\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.11\", \"lessThan\": \"3.12.43\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.13\", \"lessThan\": \"3.14.41\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.15\", \"lessThan\": \"3.16.35\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.17\", \"lessThan\": \"3.18.14\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.19\", \"lessThan\": \"3.19.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"1.0\", \"lessThan\": \"4.0.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\"], \"vendor\": \"linux\", \"product\": \"linux_kernel\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.6.25\", \"lessThan\": \"3.2.70\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.3\", \"lessThan\": \"3.4.109\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.5\", \"lessThan\": \"3.10.77\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.11\", \"lessThan\": \"3.12.43\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.13\", \"lessThan\": \"3.14.41\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.15\", \"lessThan\": \"3.16.35\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.17\", \"lessThan\": \"3.18.14\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.19\", \"lessThan\": \"3.19.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"1.0\", \"lessThan\": \"4.0.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\"], \"vendor\": \"linux\", \"product\": \"linux_kernel\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.6.25\", \"lessThan\": \"3.2.70\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.3\", \"lessThan\": \"3.4.109\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.5\", \"lessThan\": \"3.10.77\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.11\", \"lessThan\": \"3.12.43\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.13\", \"lessThan\": \"3.14.41\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.15\", \"lessThan\": \"3.16.35\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.17\", \"lessThan\": \"3.18.14\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.19\", \"lessThan\": \"3.19.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"1.0\", \"lessThan\": \"4.0.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\"], \"vendor\": \"linux\", \"product\": \"linux_kernel\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.6.25\", \"lessThan\": \"3.2.70\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.3\", \"lessThan\": \"3.4.109\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.5\", \"lessThan\": \"3.10.77\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.11\", \"lessThan\": \"3.12.43\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.13\", \"lessThan\": \"3.14.41\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.15\", \"lessThan\": \"3.16.35\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.17\", \"lessThan\": \"3.18.14\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.19\", \"lessThan\": \"3.19.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"1.0\", \"lessThan\": \"4.0.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\"], \"vendor\": \"linux\", \"product\": \"linux_kernel\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.6.25\", \"lessThan\": \"3.2.70\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.3\", \"lessThan\": \"3.4.109\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.5\", \"lessThan\": \"3.10.77\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.11\", \"lessThan\": \"3.12.43\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.13\", \"lessThan\": \"3.14.41\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.15\", \"lessThan\": \"3.16.35\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.17\", \"lessThan\": \"3.18.14\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.19\", \"lessThan\": \"3.19.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"1.0\", \"lessThan\": \"4.0.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\"], \"vendor\": \"linux\", \"product\": \"linux_kernel\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.6.25\", \"lessThan\": \"3.2.70\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.3\", \"lessThan\": \"3.4.109\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.5\", \"lessThan\": \"3.10.77\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.11\", \"lessThan\": \"3.12.43\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.13\", \"lessThan\": \"3.14.41\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.15\", \"lessThan\": \"3.16.35\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.17\", \"lessThan\": \"3.18.14\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.19\", \"lessThan\": \"3.19.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"1.0\", \"lessThan\": \"4.0.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\"], \"vendor\": \"linux\", \"product\": \"linux_kernel\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.6.25\", \"lessThan\": \"3.2.70\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.3\", \"lessThan\": \"3.4.109\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.5\", \"lessThan\": \"3.10.77\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.11\", \"lessThan\": \"3.12.43\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.13\", \"lessThan\": \"3.14.41\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.15\", \"lessThan\": \"3.16.35\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.17\", \"lessThan\": \"3.18.14\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.19\", \"lessThan\": \"3.19.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"1.0\", \"lessThan\": \"4.0.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\"], \"vendor\": \"linux\", \"product\": \"linux_kernel\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.6.25\", \"lessThan\": \"3.2.70\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.3\", \"lessThan\": \"3.4.109\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.5\", \"lessThan\": \"3.10.77\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.11\", \"lessThan\": \"3.12.43\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.13\", \"lessThan\": \"3.14.41\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.15\", \"lessThan\": \"3.16.35\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.17\", \"lessThan\": \"3.18.14\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.19\", \"lessThan\": \"3.19.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"1.0\", \"lessThan\": \"4.0.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}, {\"cpes\": [\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\"], \"vendor\": \"linux\", \"product\": \"linux_kernel\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.6.25\", \"lessThan\": \"3.2.70\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.3\", \"lessThan\": \"3.4.109\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.5\", \"lessThan\": \"3.10.77\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.11\", \"lessThan\": \"3.12.43\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.13\", \"lessThan\": \"3.14.41\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.15\", \"lessThan\": \"3.16.35\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.17\", \"lessThan\": \"3.18.14\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"3.19\", \"lessThan\": \"3.19.7\", \"versionType\": \"custom\"}, {\"status\": \"affected\", \"version\": \"1.0\", \"lessThan\": \"4.0.2\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2024-09-09T00:00:00.000Z\", \"value\": \"CVE-2017-1000253 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-1000253\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-119\", \"description\": \"CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-06T17:10:39.045Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2017-10-03T00:00:00.000Z\", \"references\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2017:2798\", \"name\": \"RHSA-2017:2798\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2795\", \"name\": \"RHSA-2017:2795\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://www.securitytracker.com/id/1039434\", \"name\": \"1039434\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2801\", \"name\": \"RHSA-2017:2801\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2796\", \"name\": \"RHSA-2017:2796\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://www.securityfocus.com/bid/101010\", \"name\": \"101010\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2799\", \"name\": \"RHSA-2017:2799\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2794\", \"name\": \"RHSA-2017:2794\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2793\", \"name\": \"RHSA-2017:2793\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2797\", \"name\": \"RHSA-2017:2797\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2802\", \"name\": \"RHSA-2017:2802\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2800\", \"name\": \"RHSA-2017:2800\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}], \"dateAssigned\": \"2017-09-25T00:00:00.000Z\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm-\u003emmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm-\u003emmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm-\u003emmap_base into the are that is supposed to be the \\\"gap\\\" between the stack and the binary.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2017-12-08T10:57:01.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://access.redhat.com/errata/RHSA-2017:2798\", \"name\": \"RHSA-2017:2798\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2795\", \"name\": \"RHSA-2017:2795\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://www.securitytracker.com/id/1039434\", \"name\": \"1039434\", \"refsource\": \"SECTRACK\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2801\", \"name\": \"RHSA-2017:2801\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2796\", \"name\": \"RHSA-2017:2796\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://www.securityfocus.com/bid/101010\", \"name\": \"101010\", \"refsource\": \"BID\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2799\", \"name\": \"RHSA-2017:2799\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2794\", \"name\": \"RHSA-2017:2794\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2793\", \"name\": \"RHSA-2017:2793\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2797\", \"name\": \"RHSA-2017:2797\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2802\", \"name\": \"RHSA-2017:2802\", \"refsource\": \"REDHAT\"}, {\"url\": \"https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt\", \"name\": \"https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt\", \"refsource\": \"MISC\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2800\", \"name\": \"RHSA-2017:2800\", \"refsource\": \"REDHAT\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm-\u003emmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm-\u003emmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm-\u003emmap_base into the are that is supposed to be the \\\"gap\\\" between the stack and the binary.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2017-1000253\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"cve@mitre.org\", \"REQUESTER\": \"qsa@qualys.com\", \"DATE_ASSIGNED\": \"2017-09-25\"}}}}",
"cveMetadata": "{\"cveId\": \"CVE-2017-1000253\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-21T23:55:32.192Z\", \"dateReserved\": \"2017-10-03T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2017-10-04T01:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
RHSA-2017_2799
Vulnerability from csaf_redhat - Published: 2017-09-26 18:00 - Updated: 2024-11-22 10:34Summary
Red Hat Security Advisory: kernel security update
Severity
Important
Notes
Topic: An update for kernel is now available for Red Hat Enterprise Linux 6.4 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID (or otherwise privileged) PIE binary could use this flaw to escalate their privileges on the system. (CVE-2017-1000253, Important)
Red Hat would like to thank Qualys Research Labs for reporting this issue.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID (or otherwise privileged) PIE binary could use this flaw to escalate their privileges on the system.
7.8 (High)
Affected products
Fixed
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-6.4.AUS:kernel-0:2.6.32-358.84.1.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-6.4.AUS:kernel-0:2.6.32-358.84.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-6.4.AUS:kernel-debug-0:2.6.32-358.84.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-6.4.AUS:kernel-debug-debuginfo-0:2.6.32-358.84.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-6.4.AUS:kernel-debug-devel-0:2.6.32-358.84.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-6.4.AUS:kernel-debuginfo-0:2.6.32-358.84.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-6.4.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-358.84.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-6.4.AUS:kernel-devel-0:2.6.32-358.84.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-6.4.AUS:kernel-doc-0:2.6.32-358.84.1.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-6.4.AUS:kernel-firmware-0:2.6.32-358.84.1.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-6.4.AUS:kernel-headers-0:2.6.32-358.84.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-6.4.AUS:perf-0:2.6.32-358.84.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-6.4.AUS:perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-6.4.AUS:python-perf-0:2.6.32-358.84.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-6.4.AUS:python-perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.4.AUS:kernel-0:2.6.32-358.84.1.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.4.AUS:kernel-0:2.6.32-358.84.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.4.AUS:kernel-debug-0:2.6.32-358.84.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.4.AUS:kernel-debug-debuginfo-0:2.6.32-358.84.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.4.AUS:kernel-debug-devel-0:2.6.32-358.84.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.4.AUS:kernel-debuginfo-0:2.6.32-358.84.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.4.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-358.84.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.4.AUS:kernel-devel-0:2.6.32-358.84.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.4.AUS:kernel-doc-0:2.6.32-358.84.1.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.4.AUS:kernel-firmware-0:2.6.32-358.84.1.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.4.AUS:kernel-headers-0:2.6.32-358.84.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.4.AUS:perf-0:2.6.32-358.84.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.4.AUS:perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.4.AUS:python-perf-0:2.6.32-358.84.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.4.AUS:python-perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
11 references
Acknowledgments
Qualys Research Labs
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel is now available for Red Hat Enterprise Linux 6.4 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application\u0027s data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID (or otherwise privileged) PIE binary could use this flaw to escalate their privileges on the system. (CVE-2017-1000253, Important)\n\nRed Hat would like to thank Qualys Research Labs for reporting this issue.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:2799",
"url": "https://access.redhat.com/errata/RHSA-2017:2799"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/3189592",
"url": "https://access.redhat.com/security/vulnerabilities/3189592"
},
{
"category": "external",
"summary": "1492212",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1492212"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2799.json"
}
],
"title": "Red Hat Security Advisory: kernel security update",
"tracking": {
"current_release_date": "2024-11-22T10:34:19+00:00",
"generator": {
"date": "2024-11-22T10:34:19+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2017:2799",
"initial_release_date": "2017-09-26T18:00:24+00:00",
"revision_history": [
{
"date": "2017-09-26T18:00:24+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-09-26T18:00:24+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T10:34:19+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product": {
"name": "Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:6.4::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:6.4::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "python-perf-0:2.6.32-358.84.1.el6.x86_64",
"product": {
"name": "python-perf-0:2.6.32-358.84.1.el6.x86_64",
"product_id": "python-perf-0:2.6.32-358.84.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-perf@2.6.32-358.84.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"product": {
"name": "python-perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"product_id": "python-perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-perf-debuginfo@2.6.32-358.84.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"product": {
"name": "perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"product_id": "perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@2.6.32-358.84.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"product": {
"name": "kernel-debug-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"product_id": "kernel-debug-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@2.6.32-358.84.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"product": {
"name": "kernel-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"product_id": "kernel-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@2.6.32-358.84.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-x86_64-0:2.6.32-358.84.1.el6.x86_64",
"product": {
"name": "kernel-debuginfo-common-x86_64-0:2.6.32-358.84.1.el6.x86_64",
"product_id": "kernel-debuginfo-common-x86_64-0:2.6.32-358.84.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-x86_64@2.6.32-358.84.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-0:2.6.32-358.84.1.el6.x86_64",
"product": {
"name": "perf-0:2.6.32-358.84.1.el6.x86_64",
"product_id": "perf-0:2.6.32-358.84.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@2.6.32-358.84.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-headers-0:2.6.32-358.84.1.el6.x86_64",
"product": {
"name": "kernel-headers-0:2.6.32-358.84.1.el6.x86_64",
"product_id": "kernel-headers-0:2.6.32-358.84.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-headers@2.6.32-358.84.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-0:2.6.32-358.84.1.el6.x86_64",
"product": {
"name": "kernel-0:2.6.32-358.84.1.el6.x86_64",
"product_id": "kernel-0:2.6.32-358.84.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@2.6.32-358.84.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:2.6.32-358.84.1.el6.x86_64",
"product": {
"name": "kernel-devel-0:2.6.32-358.84.1.el6.x86_64",
"product_id": "kernel-devel-0:2.6.32-358.84.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@2.6.32-358.84.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:2.6.32-358.84.1.el6.x86_64",
"product": {
"name": "kernel-debug-devel-0:2.6.32-358.84.1.el6.x86_64",
"product_id": "kernel-debug-devel-0:2.6.32-358.84.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@2.6.32-358.84.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:2.6.32-358.84.1.el6.x86_64",
"product": {
"name": "kernel-debug-0:2.6.32-358.84.1.el6.x86_64",
"product_id": "kernel-debug-0:2.6.32-358.84.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@2.6.32-358.84.1.el6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-0:2.6.32-358.84.1.el6.src",
"product": {
"name": "kernel-0:2.6.32-358.84.1.el6.src",
"product_id": "kernel-0:2.6.32-358.84.1.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@2.6.32-358.84.1.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-0:2.6.32-358.84.1.el6.noarch",
"product": {
"name": "kernel-firmware-0:2.6.32-358.84.1.el6.noarch",
"product_id": "kernel-firmware-0:2.6.32-358.84.1.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-firmware@2.6.32-358.84.1.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "kernel-doc-0:2.6.32-358.84.1.el6.noarch",
"product": {
"name": "kernel-doc-0:2.6.32-358.84.1.el6.noarch",
"product_id": "kernel-doc-0:2.6.32-358.84.1.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-doc@2.6.32-358.84.1.el6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:2.6.32-358.84.1.el6.src as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:kernel-0:2.6.32-358.84.1.el6.src"
},
"product_reference": "kernel-0:2.6.32-358.84.1.el6.src",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:2.6.32-358.84.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:kernel-0:2.6.32-358.84.1.el6.x86_64"
},
"product_reference": "kernel-0:2.6.32-358.84.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:2.6.32-358.84.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:kernel-debug-0:2.6.32-358.84.1.el6.x86_64"
},
"product_reference": "kernel-debug-0:2.6.32-358.84.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:2.6.32-358.84.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:kernel-debug-debuginfo-0:2.6.32-358.84.1.el6.x86_64"
},
"product_reference": "kernel-debug-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:2.6.32-358.84.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:kernel-debug-devel-0:2.6.32-358.84.1.el6.x86_64"
},
"product_reference": "kernel-debug-devel-0:2.6.32-358.84.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:2.6.32-358.84.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:kernel-debuginfo-0:2.6.32-358.84.1.el6.x86_64"
},
"product_reference": "kernel-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-x86_64-0:2.6.32-358.84.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-358.84.1.el6.x86_64"
},
"product_reference": "kernel-debuginfo-common-x86_64-0:2.6.32-358.84.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:2.6.32-358.84.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:kernel-devel-0:2.6.32-358.84.1.el6.x86_64"
},
"product_reference": "kernel-devel-0:2.6.32-358.84.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:2.6.32-358.84.1.el6.noarch as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:kernel-doc-0:2.6.32-358.84.1.el6.noarch"
},
"product_reference": "kernel-doc-0:2.6.32-358.84.1.el6.noarch",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-0:2.6.32-358.84.1.el6.noarch as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:kernel-firmware-0:2.6.32-358.84.1.el6.noarch"
},
"product_reference": "kernel-firmware-0:2.6.32-358.84.1.el6.noarch",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:2.6.32-358.84.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:kernel-headers-0:2.6.32-358.84.1.el6.x86_64"
},
"product_reference": "kernel-headers-0:2.6.32-358.84.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:2.6.32-358.84.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:perf-0:2.6.32-358.84.1.el6.x86_64"
},
"product_reference": "perf-0:2.6.32-358.84.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64"
},
"product_reference": "perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-0:2.6.32-358.84.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:python-perf-0:2.6.32-358.84.1.el6.x86_64"
},
"product_reference": "python-perf-0:2.6.32-358.84.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.4)",
"product_id": "6Server-6.4.AUS:python-perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64"
},
"product_reference": "python-perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:2.6.32-358.84.1.el6.src as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:kernel-0:2.6.32-358.84.1.el6.src"
},
"product_reference": "kernel-0:2.6.32-358.84.1.el6.src",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:2.6.32-358.84.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:kernel-0:2.6.32-358.84.1.el6.x86_64"
},
"product_reference": "kernel-0:2.6.32-358.84.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:2.6.32-358.84.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:kernel-debug-0:2.6.32-358.84.1.el6.x86_64"
},
"product_reference": "kernel-debug-0:2.6.32-358.84.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:2.6.32-358.84.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:kernel-debug-debuginfo-0:2.6.32-358.84.1.el6.x86_64"
},
"product_reference": "kernel-debug-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:2.6.32-358.84.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:kernel-debug-devel-0:2.6.32-358.84.1.el6.x86_64"
},
"product_reference": "kernel-debug-devel-0:2.6.32-358.84.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:2.6.32-358.84.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:kernel-debuginfo-0:2.6.32-358.84.1.el6.x86_64"
},
"product_reference": "kernel-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-x86_64-0:2.6.32-358.84.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-358.84.1.el6.x86_64"
},
"product_reference": "kernel-debuginfo-common-x86_64-0:2.6.32-358.84.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:2.6.32-358.84.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:kernel-devel-0:2.6.32-358.84.1.el6.x86_64"
},
"product_reference": "kernel-devel-0:2.6.32-358.84.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:2.6.32-358.84.1.el6.noarch as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:kernel-doc-0:2.6.32-358.84.1.el6.noarch"
},
"product_reference": "kernel-doc-0:2.6.32-358.84.1.el6.noarch",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-0:2.6.32-358.84.1.el6.noarch as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:kernel-firmware-0:2.6.32-358.84.1.el6.noarch"
},
"product_reference": "kernel-firmware-0:2.6.32-358.84.1.el6.noarch",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:2.6.32-358.84.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:kernel-headers-0:2.6.32-358.84.1.el6.x86_64"
},
"product_reference": "kernel-headers-0:2.6.32-358.84.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:2.6.32-358.84.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:perf-0:2.6.32-358.84.1.el6.x86_64"
},
"product_reference": "perf-0:2.6.32-358.84.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64"
},
"product_reference": "perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-0:2.6.32-358.84.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:python-perf-0:2.6.32-358.84.1.el6.x86_64"
},
"product_reference": "python-perf-0:2.6.32-358.84.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.4)",
"product_id": "6Server-optional-6.4.AUS:python-perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64"
},
"product_reference": "python-perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.4.AUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Qualys Research Labs"
]
}
],
"cve": "CVE-2017-1000253",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2017-09-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1492212"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application\u0027s data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID (or otherwise privileged) PIE binary could use this flaw to escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6. This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 prior to kernel version 3.10.0-693, that is Red Hat Enterprise Linux 7.4 GA kernel version. Kernel versions after 3.10.0-693 contain the fix and are thus not vulnerable.\n\nThis issue affects the Linux kernel-rt packages prior to the kernel version 3.10.0-693.rt56.617 (Red Hat Enteprise Linux for Realtime) and 3.10.0-693.2.1.rt56.585.el6rt (Red Hat Enterprise MRG 2). The latest Linux kernel-rt packages as shipped with Red Hat Enterprise Linux for Realtime and Red Hat Enterprise MRG 2 are not vulnerable.\n\nFuture Linux kernel updates for the respective releases will address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-6.4.AUS:kernel-0:2.6.32-358.84.1.el6.src",
"6Server-6.4.AUS:kernel-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debug-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debug-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debug-devel-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:kernel-devel-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:kernel-doc-0:2.6.32-358.84.1.el6.noarch",
"6Server-6.4.AUS:kernel-firmware-0:2.6.32-358.84.1.el6.noarch",
"6Server-6.4.AUS:kernel-headers-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:perf-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:python-perf-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:python-perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-0:2.6.32-358.84.1.el6.src",
"6Server-optional-6.4.AUS:kernel-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debug-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debug-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debug-devel-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-devel-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-doc-0:2.6.32-358.84.1.el6.noarch",
"6Server-optional-6.4.AUS:kernel-firmware-0:2.6.32-358.84.1.el6.noarch",
"6Server-optional-6.4.AUS:kernel-headers-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:perf-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:python-perf-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:python-perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-1000253"
},
{
"category": "external",
"summary": "RHBZ#1492212",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1492212"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000253",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000253"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000253",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000253"
},
{
"category": "external",
"summary": "https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt",
"url": "https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-26T18:00:24+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"6Server-6.4.AUS:kernel-0:2.6.32-358.84.1.el6.src",
"6Server-6.4.AUS:kernel-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debug-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debug-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debug-devel-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:kernel-devel-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:kernel-doc-0:2.6.32-358.84.1.el6.noarch",
"6Server-6.4.AUS:kernel-firmware-0:2.6.32-358.84.1.el6.noarch",
"6Server-6.4.AUS:kernel-headers-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:perf-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:python-perf-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:python-perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-0:2.6.32-358.84.1.el6.src",
"6Server-optional-6.4.AUS:kernel-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debug-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debug-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debug-devel-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-devel-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-doc-0:2.6.32-358.84.1.el6.noarch",
"6Server-optional-6.4.AUS:kernel-firmware-0:2.6.32-358.84.1.el6.noarch",
"6Server-optional-6.4.AUS:kernel-headers-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:perf-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:python-perf-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:python-perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2799"
},
{
"category": "workaround",
"details": "By setting vm.legacy_va_layout to 1 we can effectively disable the exploitation of this issue by switching to the legacy mmap layout. The mmap allocations start much lower in the process address space and follow the bottom-up allocation model. As such, the initial PIE executable mapping is far from the reserved stack area and cannot interfere with the stack.\n\n64-bit processes on Red Hat Enterprise Linux 5 are forced to use the legacy virtual address space layout regardless of the vm.legacy_va_layout value.\n\nNote: Applications that have demands for a large linear address space (such as certain databases) may be unable to handle the legacy memory layout proposed using this mitigation. We recommend to test your systems and applications before deploying this mitigation on production systems.\n\nEdit the /etc/sysctl.conf file as root, and add or amend:\n\n vm.legacy_va_layout = 1\n \t\t\t\t\t\t\t\t\n\nTo apply this setting, run the /sbin/sysctl -p command as the root user to reload the settings from /etc/sysctl.conf.\n\nVerify that vm.legacy_va_layout is now set to defined value:\n\n $ /sbin/sysctl vm.legacy_va_layout\n vm.legacy_va_layout = 1",
"product_ids": [
"6Server-6.4.AUS:kernel-0:2.6.32-358.84.1.el6.src",
"6Server-6.4.AUS:kernel-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debug-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debug-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debug-devel-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:kernel-devel-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:kernel-doc-0:2.6.32-358.84.1.el6.noarch",
"6Server-6.4.AUS:kernel-firmware-0:2.6.32-358.84.1.el6.noarch",
"6Server-6.4.AUS:kernel-headers-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:perf-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:python-perf-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:python-perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-0:2.6.32-358.84.1.el6.src",
"6Server-optional-6.4.AUS:kernel-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debug-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debug-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debug-devel-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-devel-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-doc-0:2.6.32-358.84.1.el6.noarch",
"6Server-optional-6.4.AUS:kernel-firmware-0:2.6.32-358.84.1.el6.noarch",
"6Server-optional-6.4.AUS:kernel-headers-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:perf-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:python-perf-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:python-perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-6.4.AUS:kernel-0:2.6.32-358.84.1.el6.src",
"6Server-6.4.AUS:kernel-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debug-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debug-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debug-devel-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:kernel-devel-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:kernel-doc-0:2.6.32-358.84.1.el6.noarch",
"6Server-6.4.AUS:kernel-firmware-0:2.6.32-358.84.1.el6.noarch",
"6Server-6.4.AUS:kernel-headers-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:perf-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:python-perf-0:2.6.32-358.84.1.el6.x86_64",
"6Server-6.4.AUS:python-perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-0:2.6.32-358.84.1.el6.src",
"6Server-optional-6.4.AUS:kernel-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debug-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debug-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debug-devel-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-devel-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:kernel-doc-0:2.6.32-358.84.1.el6.noarch",
"6Server-optional-6.4.AUS:kernel-firmware-0:2.6.32-358.84.1.el6.noarch",
"6Server-optional-6.4.AUS:kernel-headers-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:perf-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:python-perf-0:2.6.32-358.84.1.el6.x86_64",
"6Server-optional-6.4.AUS:python-perf-debuginfo-0:2.6.32-358.84.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2024-09-09T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary"
}
]
}
RHSA-2017_2800
Vulnerability from csaf_redhat - Published: 2017-09-26 17:05 - Updated: 2024-11-22 10:34Summary
Red Hat Security Advisory: kernel security update
Severity
Important
Notes
Topic: An update for kernel is now available for Red Hat Enterprise Linux 6.2 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID (or otherwise privileged) PIE binary could use this flaw to escalate their privileges on the system. (CVE-2017-1000253, Important)
Red Hat would like to thank Qualys Research Labs for reporting this issue.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID (or otherwise privileged) PIE binary could use this flaw to escalate their privileges on the system.
7.8 (High)
Affected products
Fixed
30 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 6Server-6.2.AUS:kernel-0:2.6.32-220.76.1.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-6.2.AUS:kernel-0:2.6.32-220.76.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-6.2.AUS:kernel-debug-0:2.6.32-220.76.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-6.2.AUS:kernel-debug-debuginfo-0:2.6.32-220.76.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-6.2.AUS:kernel-debug-devel-0:2.6.32-220.76.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-6.2.AUS:kernel-debuginfo-0:2.6.32-220.76.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-6.2.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-220.76.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-6.2.AUS:kernel-devel-0:2.6.32-220.76.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-6.2.AUS:kernel-doc-0:2.6.32-220.76.1.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-6.2.AUS:kernel-firmware-0:2.6.32-220.76.1.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-6.2.AUS:kernel-headers-0:2.6.32-220.76.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-6.2.AUS:perf-0:2.6.32-220.76.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-6.2.AUS:perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-6.2.AUS:python-perf-0:2.6.32-220.76.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-6.2.AUS:python-perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.2.AUS:kernel-0:2.6.32-220.76.1.el6.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.2.AUS:kernel-0:2.6.32-220.76.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.2.AUS:kernel-debug-0:2.6.32-220.76.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.2.AUS:kernel-debug-debuginfo-0:2.6.32-220.76.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.2.AUS:kernel-debug-devel-0:2.6.32-220.76.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.2.AUS:kernel-debuginfo-0:2.6.32-220.76.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.2.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-220.76.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.2.AUS:kernel-devel-0:2.6.32-220.76.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.2.AUS:kernel-doc-0:2.6.32-220.76.1.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.2.AUS:kernel-firmware-0:2.6.32-220.76.1.el6.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.2.AUS:kernel-headers-0:2.6.32-220.76.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.2.AUS:perf-0:2.6.32-220.76.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.2.AUS:perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.2.AUS:python-perf-0:2.6.32-220.76.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 6Server-optional-6.2.AUS:python-perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
11 references
Acknowledgments
Qualys Research Labs
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel is now available for Red Hat Enterprise Linux 6.2 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application\u0027s data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID (or otherwise privileged) PIE binary could use this flaw to escalate their privileges on the system. (CVE-2017-1000253, Important)\n\nRed Hat would like to thank Qualys Research Labs for reporting this issue.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:2800",
"url": "https://access.redhat.com/errata/RHSA-2017:2800"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/3189592",
"url": "https://access.redhat.com/security/vulnerabilities/3189592"
},
{
"category": "external",
"summary": "1492212",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1492212"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2800.json"
}
],
"title": "Red Hat Security Advisory: kernel security update",
"tracking": {
"current_release_date": "2024-11-22T10:34:23+00:00",
"generator": {
"date": "2024-11-22T10:34:23+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2017:2800",
"initial_release_date": "2017-09-26T17:05:55+00:00",
"revision_history": [
{
"date": "2017-09-26T17:05:55+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-09-26T17:05:55+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T10:34:23+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server AUS (v. 6.2)",
"product": {
"name": "Red Hat Enterprise Linux Server AUS (v. 6.2)",
"product_id": "6Server-6.2.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_mission_critical:6.2::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional AUS (v. 6.2)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional AUS (v. 6.2)",
"product_id": "6Server-optional-6.2.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_mission_critical:6.2::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "python-perf-0:2.6.32-220.76.1.el6.x86_64",
"product": {
"name": "python-perf-0:2.6.32-220.76.1.el6.x86_64",
"product_id": "python-perf-0:2.6.32-220.76.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-perf@2.6.32-220.76.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"product": {
"name": "perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"product_id": "perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@2.6.32-220.76.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"product": {
"name": "kernel-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"product_id": "kernel-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@2.6.32-220.76.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"product": {
"name": "kernel-debug-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"product_id": "kernel-debug-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@2.6.32-220.76.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python-perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"product": {
"name": "python-perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"product_id": "python-perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-perf-debuginfo@2.6.32-220.76.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-x86_64-0:2.6.32-220.76.1.el6.x86_64",
"product": {
"name": "kernel-debuginfo-common-x86_64-0:2.6.32-220.76.1.el6.x86_64",
"product_id": "kernel-debuginfo-common-x86_64-0:2.6.32-220.76.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-x86_64@2.6.32-220.76.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-0:2.6.32-220.76.1.el6.x86_64",
"product": {
"name": "perf-0:2.6.32-220.76.1.el6.x86_64",
"product_id": "perf-0:2.6.32-220.76.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@2.6.32-220.76.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:2.6.32-220.76.1.el6.x86_64",
"product": {
"name": "kernel-debug-devel-0:2.6.32-220.76.1.el6.x86_64",
"product_id": "kernel-debug-devel-0:2.6.32-220.76.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@2.6.32-220.76.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:2.6.32-220.76.1.el6.x86_64",
"product": {
"name": "kernel-debug-0:2.6.32-220.76.1.el6.x86_64",
"product_id": "kernel-debug-0:2.6.32-220.76.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@2.6.32-220.76.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-headers-0:2.6.32-220.76.1.el6.x86_64",
"product": {
"name": "kernel-headers-0:2.6.32-220.76.1.el6.x86_64",
"product_id": "kernel-headers-0:2.6.32-220.76.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-headers@2.6.32-220.76.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:2.6.32-220.76.1.el6.x86_64",
"product": {
"name": "kernel-devel-0:2.6.32-220.76.1.el6.x86_64",
"product_id": "kernel-devel-0:2.6.32-220.76.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@2.6.32-220.76.1.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-0:2.6.32-220.76.1.el6.x86_64",
"product": {
"name": "kernel-0:2.6.32-220.76.1.el6.x86_64",
"product_id": "kernel-0:2.6.32-220.76.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@2.6.32-220.76.1.el6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-0:2.6.32-220.76.1.el6.src",
"product": {
"name": "kernel-0:2.6.32-220.76.1.el6.src",
"product_id": "kernel-0:2.6.32-220.76.1.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@2.6.32-220.76.1.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-firmware-0:2.6.32-220.76.1.el6.noarch",
"product": {
"name": "kernel-firmware-0:2.6.32-220.76.1.el6.noarch",
"product_id": "kernel-firmware-0:2.6.32-220.76.1.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-firmware@2.6.32-220.76.1.el6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "kernel-doc-0:2.6.32-220.76.1.el6.noarch",
"product": {
"name": "kernel-doc-0:2.6.32-220.76.1.el6.noarch",
"product_id": "kernel-doc-0:2.6.32-220.76.1.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-doc@2.6.32-220.76.1.el6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:2.6.32-220.76.1.el6.src as a component of Red Hat Enterprise Linux Server AUS (v. 6.2)",
"product_id": "6Server-6.2.AUS:kernel-0:2.6.32-220.76.1.el6.src"
},
"product_reference": "kernel-0:2.6.32-220.76.1.el6.src",
"relates_to_product_reference": "6Server-6.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:2.6.32-220.76.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.2)",
"product_id": "6Server-6.2.AUS:kernel-0:2.6.32-220.76.1.el6.x86_64"
},
"product_reference": "kernel-0:2.6.32-220.76.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:2.6.32-220.76.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.2)",
"product_id": "6Server-6.2.AUS:kernel-debug-0:2.6.32-220.76.1.el6.x86_64"
},
"product_reference": "kernel-debug-0:2.6.32-220.76.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:2.6.32-220.76.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.2)",
"product_id": "6Server-6.2.AUS:kernel-debug-debuginfo-0:2.6.32-220.76.1.el6.x86_64"
},
"product_reference": "kernel-debug-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:2.6.32-220.76.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.2)",
"product_id": "6Server-6.2.AUS:kernel-debug-devel-0:2.6.32-220.76.1.el6.x86_64"
},
"product_reference": "kernel-debug-devel-0:2.6.32-220.76.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:2.6.32-220.76.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.2)",
"product_id": "6Server-6.2.AUS:kernel-debuginfo-0:2.6.32-220.76.1.el6.x86_64"
},
"product_reference": "kernel-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-x86_64-0:2.6.32-220.76.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.2)",
"product_id": "6Server-6.2.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-220.76.1.el6.x86_64"
},
"product_reference": "kernel-debuginfo-common-x86_64-0:2.6.32-220.76.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:2.6.32-220.76.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.2)",
"product_id": "6Server-6.2.AUS:kernel-devel-0:2.6.32-220.76.1.el6.x86_64"
},
"product_reference": "kernel-devel-0:2.6.32-220.76.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:2.6.32-220.76.1.el6.noarch as a component of Red Hat Enterprise Linux Server AUS (v. 6.2)",
"product_id": "6Server-6.2.AUS:kernel-doc-0:2.6.32-220.76.1.el6.noarch"
},
"product_reference": "kernel-doc-0:2.6.32-220.76.1.el6.noarch",
"relates_to_product_reference": "6Server-6.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-0:2.6.32-220.76.1.el6.noarch as a component of Red Hat Enterprise Linux Server AUS (v. 6.2)",
"product_id": "6Server-6.2.AUS:kernel-firmware-0:2.6.32-220.76.1.el6.noarch"
},
"product_reference": "kernel-firmware-0:2.6.32-220.76.1.el6.noarch",
"relates_to_product_reference": "6Server-6.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:2.6.32-220.76.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.2)",
"product_id": "6Server-6.2.AUS:kernel-headers-0:2.6.32-220.76.1.el6.x86_64"
},
"product_reference": "kernel-headers-0:2.6.32-220.76.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:2.6.32-220.76.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.2)",
"product_id": "6Server-6.2.AUS:perf-0:2.6.32-220.76.1.el6.x86_64"
},
"product_reference": "perf-0:2.6.32-220.76.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.2)",
"product_id": "6Server-6.2.AUS:perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64"
},
"product_reference": "perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-0:2.6.32-220.76.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.2)",
"product_id": "6Server-6.2.AUS:python-perf-0:2.6.32-220.76.1.el6.x86_64"
},
"product_reference": "python-perf-0:2.6.32-220.76.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server AUS (v. 6.2)",
"product_id": "6Server-6.2.AUS:python-perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64"
},
"product_reference": "python-perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"relates_to_product_reference": "6Server-6.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:2.6.32-220.76.1.el6.src as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.2)",
"product_id": "6Server-optional-6.2.AUS:kernel-0:2.6.32-220.76.1.el6.src"
},
"product_reference": "kernel-0:2.6.32-220.76.1.el6.src",
"relates_to_product_reference": "6Server-optional-6.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:2.6.32-220.76.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.2)",
"product_id": "6Server-optional-6.2.AUS:kernel-0:2.6.32-220.76.1.el6.x86_64"
},
"product_reference": "kernel-0:2.6.32-220.76.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:2.6.32-220.76.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.2)",
"product_id": "6Server-optional-6.2.AUS:kernel-debug-0:2.6.32-220.76.1.el6.x86_64"
},
"product_reference": "kernel-debug-0:2.6.32-220.76.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:2.6.32-220.76.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.2)",
"product_id": "6Server-optional-6.2.AUS:kernel-debug-debuginfo-0:2.6.32-220.76.1.el6.x86_64"
},
"product_reference": "kernel-debug-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:2.6.32-220.76.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.2)",
"product_id": "6Server-optional-6.2.AUS:kernel-debug-devel-0:2.6.32-220.76.1.el6.x86_64"
},
"product_reference": "kernel-debug-devel-0:2.6.32-220.76.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:2.6.32-220.76.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.2)",
"product_id": "6Server-optional-6.2.AUS:kernel-debuginfo-0:2.6.32-220.76.1.el6.x86_64"
},
"product_reference": "kernel-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-x86_64-0:2.6.32-220.76.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.2)",
"product_id": "6Server-optional-6.2.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-220.76.1.el6.x86_64"
},
"product_reference": "kernel-debuginfo-common-x86_64-0:2.6.32-220.76.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:2.6.32-220.76.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.2)",
"product_id": "6Server-optional-6.2.AUS:kernel-devel-0:2.6.32-220.76.1.el6.x86_64"
},
"product_reference": "kernel-devel-0:2.6.32-220.76.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:2.6.32-220.76.1.el6.noarch as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.2)",
"product_id": "6Server-optional-6.2.AUS:kernel-doc-0:2.6.32-220.76.1.el6.noarch"
},
"product_reference": "kernel-doc-0:2.6.32-220.76.1.el6.noarch",
"relates_to_product_reference": "6Server-optional-6.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-firmware-0:2.6.32-220.76.1.el6.noarch as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.2)",
"product_id": "6Server-optional-6.2.AUS:kernel-firmware-0:2.6.32-220.76.1.el6.noarch"
},
"product_reference": "kernel-firmware-0:2.6.32-220.76.1.el6.noarch",
"relates_to_product_reference": "6Server-optional-6.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:2.6.32-220.76.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.2)",
"product_id": "6Server-optional-6.2.AUS:kernel-headers-0:2.6.32-220.76.1.el6.x86_64"
},
"product_reference": "kernel-headers-0:2.6.32-220.76.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:2.6.32-220.76.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.2)",
"product_id": "6Server-optional-6.2.AUS:perf-0:2.6.32-220.76.1.el6.x86_64"
},
"product_reference": "perf-0:2.6.32-220.76.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.2)",
"product_id": "6Server-optional-6.2.AUS:perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64"
},
"product_reference": "perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-0:2.6.32-220.76.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.2)",
"product_id": "6Server-optional-6.2.AUS:python-perf-0:2.6.32-220.76.1.el6.x86_64"
},
"product_reference": "python-perf-0:2.6.32-220.76.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.2.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64 as a component of Red Hat Enterprise Linux Server Optional AUS (v. 6.2)",
"product_id": "6Server-optional-6.2.AUS:python-perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64"
},
"product_reference": "python-perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"relates_to_product_reference": "6Server-optional-6.2.AUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Qualys Research Labs"
]
}
],
"cve": "CVE-2017-1000253",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2017-09-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1492212"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application\u0027s data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID (or otherwise privileged) PIE binary could use this flaw to escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6. This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 prior to kernel version 3.10.0-693, that is Red Hat Enterprise Linux 7.4 GA kernel version. Kernel versions after 3.10.0-693 contain the fix and are thus not vulnerable.\n\nThis issue affects the Linux kernel-rt packages prior to the kernel version 3.10.0-693.rt56.617 (Red Hat Enteprise Linux for Realtime) and 3.10.0-693.2.1.rt56.585.el6rt (Red Hat Enterprise MRG 2). The latest Linux kernel-rt packages as shipped with Red Hat Enterprise Linux for Realtime and Red Hat Enterprise MRG 2 are not vulnerable.\n\nFuture Linux kernel updates for the respective releases will address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-6.2.AUS:kernel-0:2.6.32-220.76.1.el6.src",
"6Server-6.2.AUS:kernel-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:kernel-debug-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:kernel-debug-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:kernel-debug-devel-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:kernel-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:kernel-devel-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:kernel-doc-0:2.6.32-220.76.1.el6.noarch",
"6Server-6.2.AUS:kernel-firmware-0:2.6.32-220.76.1.el6.noarch",
"6Server-6.2.AUS:kernel-headers-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:perf-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:python-perf-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:python-perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-0:2.6.32-220.76.1.el6.src",
"6Server-optional-6.2.AUS:kernel-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-debug-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-debug-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-debug-devel-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-devel-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-doc-0:2.6.32-220.76.1.el6.noarch",
"6Server-optional-6.2.AUS:kernel-firmware-0:2.6.32-220.76.1.el6.noarch",
"6Server-optional-6.2.AUS:kernel-headers-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:perf-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:python-perf-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:python-perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-1000253"
},
{
"category": "external",
"summary": "RHBZ#1492212",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1492212"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000253",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000253"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000253",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000253"
},
{
"category": "external",
"summary": "https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt",
"url": "https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-26T17:05:55+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"6Server-6.2.AUS:kernel-0:2.6.32-220.76.1.el6.src",
"6Server-6.2.AUS:kernel-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:kernel-debug-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:kernel-debug-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:kernel-debug-devel-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:kernel-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:kernel-devel-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:kernel-doc-0:2.6.32-220.76.1.el6.noarch",
"6Server-6.2.AUS:kernel-firmware-0:2.6.32-220.76.1.el6.noarch",
"6Server-6.2.AUS:kernel-headers-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:perf-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:python-perf-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:python-perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-0:2.6.32-220.76.1.el6.src",
"6Server-optional-6.2.AUS:kernel-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-debug-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-debug-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-debug-devel-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-devel-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-doc-0:2.6.32-220.76.1.el6.noarch",
"6Server-optional-6.2.AUS:kernel-firmware-0:2.6.32-220.76.1.el6.noarch",
"6Server-optional-6.2.AUS:kernel-headers-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:perf-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:python-perf-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:python-perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2800"
},
{
"category": "workaround",
"details": "By setting vm.legacy_va_layout to 1 we can effectively disable the exploitation of this issue by switching to the legacy mmap layout. The mmap allocations start much lower in the process address space and follow the bottom-up allocation model. As such, the initial PIE executable mapping is far from the reserved stack area and cannot interfere with the stack.\n\n64-bit processes on Red Hat Enterprise Linux 5 are forced to use the legacy virtual address space layout regardless of the vm.legacy_va_layout value.\n\nNote: Applications that have demands for a large linear address space (such as certain databases) may be unable to handle the legacy memory layout proposed using this mitigation. We recommend to test your systems and applications before deploying this mitigation on production systems.\n\nEdit the /etc/sysctl.conf file as root, and add or amend:\n\n vm.legacy_va_layout = 1\n \t\t\t\t\t\t\t\t\n\nTo apply this setting, run the /sbin/sysctl -p command as the root user to reload the settings from /etc/sysctl.conf.\n\nVerify that vm.legacy_va_layout is now set to defined value:\n\n $ /sbin/sysctl vm.legacy_va_layout\n vm.legacy_va_layout = 1",
"product_ids": [
"6Server-6.2.AUS:kernel-0:2.6.32-220.76.1.el6.src",
"6Server-6.2.AUS:kernel-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:kernel-debug-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:kernel-debug-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:kernel-debug-devel-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:kernel-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:kernel-devel-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:kernel-doc-0:2.6.32-220.76.1.el6.noarch",
"6Server-6.2.AUS:kernel-firmware-0:2.6.32-220.76.1.el6.noarch",
"6Server-6.2.AUS:kernel-headers-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:perf-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:python-perf-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:python-perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-0:2.6.32-220.76.1.el6.src",
"6Server-optional-6.2.AUS:kernel-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-debug-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-debug-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-debug-devel-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-devel-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-doc-0:2.6.32-220.76.1.el6.noarch",
"6Server-optional-6.2.AUS:kernel-firmware-0:2.6.32-220.76.1.el6.noarch",
"6Server-optional-6.2.AUS:kernel-headers-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:perf-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:python-perf-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:python-perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-6.2.AUS:kernel-0:2.6.32-220.76.1.el6.src",
"6Server-6.2.AUS:kernel-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:kernel-debug-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:kernel-debug-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:kernel-debug-devel-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:kernel-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:kernel-devel-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:kernel-doc-0:2.6.32-220.76.1.el6.noarch",
"6Server-6.2.AUS:kernel-firmware-0:2.6.32-220.76.1.el6.noarch",
"6Server-6.2.AUS:kernel-headers-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:perf-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:python-perf-0:2.6.32-220.76.1.el6.x86_64",
"6Server-6.2.AUS:python-perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-0:2.6.32-220.76.1.el6.src",
"6Server-optional-6.2.AUS:kernel-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-debug-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-debug-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-debug-devel-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-debuginfo-common-x86_64-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-devel-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:kernel-doc-0:2.6.32-220.76.1.el6.noarch",
"6Server-optional-6.2.AUS:kernel-firmware-0:2.6.32-220.76.1.el6.noarch",
"6Server-optional-6.2.AUS:kernel-headers-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:perf-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:python-perf-0:2.6.32-220.76.1.el6.x86_64",
"6Server-optional-6.2.AUS:python-perf-debuginfo-0:2.6.32-220.76.1.el6.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2024-09-09T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary"
}
]
}
RHSA-2017_2801
Vulnerability from csaf_redhat - Published: 2017-09-26 18:27 - Updated: 2024-11-22 10:34Summary
Red Hat Security Advisory: kernel security update
Severity
Important
Notes
Topic: An update for kernel is now available for Red Hat Enterprise Linux 5 Extended Lifecycle Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID (or otherwise privileged) PIE binary could use this flaw to escalate their privileges on the system. (CVE-2017-1000253, Important)
Red Hat would like to thank Qualys Research Labs for reporting this issue.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID (or otherwise privileged) PIE binary could use this flaw to escalate their privileges on the system.
7.8 (High)
Affected products
Fixed
38 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Server-ELS:kernel-0:2.6.18-423.el5.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-0:2.6.18-423.el5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-0:2.6.18-423.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-0:2.6.18-423.el5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-PAE-0:2.6.18-423.el5.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-PAE-debuginfo-0:2.6.18-423.el5.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-PAE-devel-0:2.6.18-423.el5.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-debug-0:2.6.18-423.el5.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-debug-0:2.6.18-423.el5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-debug-0:2.6.18-423.el5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-debug-debuginfo-0:2.6.18-423.el5.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-debug-debuginfo-0:2.6.18-423.el5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-debug-debuginfo-0:2.6.18-423.el5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-debug-devel-0:2.6.18-423.el5.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-debug-devel-0:2.6.18-423.el5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-debug-devel-0:2.6.18-423.el5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-debuginfo-0:2.6.18-423.el5.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-debuginfo-0:2.6.18-423.el5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-debuginfo-0:2.6.18-423.el5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-debuginfo-common-0:2.6.18-423.el5.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-debuginfo-common-0:2.6.18-423.el5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-debuginfo-common-0:2.6.18-423.el5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-devel-0:2.6.18-423.el5.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-devel-0:2.6.18-423.el5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-devel-0:2.6.18-423.el5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-doc-0:2.6.18-423.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-headers-0:2.6.18-423.el5.i386 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-headers-0:2.6.18-423.el5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-headers-0:2.6.18-423.el5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-kdump-0:2.6.18-423.el5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-kdump-debuginfo-0:2.6.18-423.el5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-kdump-devel-0:2.6.18-423.el5.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-xen-0:2.6.18-423.el5.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-xen-0:2.6.18-423.el5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-xen-debuginfo-0:2.6.18-423.el5.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-xen-debuginfo-0:2.6.18-423.el5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-xen-devel-0:2.6.18-423.el5.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-ELS:kernel-xen-devel-0:2.6.18-423.el5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
11 references
Acknowledgments
Qualys Research Labs
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel is now available for Red Hat Enterprise Linux 5 Extended Lifecycle Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application\u0027s data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID (or otherwise privileged) PIE binary could use this flaw to escalate their privileges on the system. (CVE-2017-1000253, Important)\n\nRed Hat would like to thank Qualys Research Labs for reporting this issue.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:2801",
"url": "https://access.redhat.com/errata/RHSA-2017:2801"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/3189592",
"url": "https://access.redhat.com/security/vulnerabilities/3189592"
},
{
"category": "external",
"summary": "1492212",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1492212"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2801.json"
}
],
"title": "Red Hat Security Advisory: kernel security update",
"tracking": {
"current_release_date": "2024-11-22T10:34:28+00:00",
"generator": {
"date": "2024-11-22T10:34:28+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2017:2801",
"initial_release_date": "2017-09-26T18:27:45+00:00",
"revision_history": [
{
"date": "2017-09-26T18:27:45+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-09-26T18:27:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T10:34:28+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 5 ELS)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_els:5"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-xen-debuginfo-0:2.6.18-423.el5.x86_64",
"product": {
"name": "kernel-xen-debuginfo-0:2.6.18-423.el5.x86_64",
"product_id": "kernel-xen-debuginfo-0:2.6.18-423.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-xen-debuginfo@2.6.18-423.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:2.6.18-423.el5.x86_64",
"product": {
"name": "kernel-debuginfo-0:2.6.18-423.el5.x86_64",
"product_id": "kernel-debuginfo-0:2.6.18-423.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@2.6.18-423.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:2.6.18-423.el5.x86_64",
"product": {
"name": "kernel-devel-0:2.6.18-423.el5.x86_64",
"product_id": "kernel-devel-0:2.6.18-423.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@2.6.18-423.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-headers-0:2.6.18-423.el5.x86_64",
"product": {
"name": "kernel-headers-0:2.6.18-423.el5.x86_64",
"product_id": "kernel-headers-0:2.6.18-423.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-headers@2.6.18-423.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-xen-0:2.6.18-423.el5.x86_64",
"product": {
"name": "kernel-xen-0:2.6.18-423.el5.x86_64",
"product_id": "kernel-xen-0:2.6.18-423.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-xen@2.6.18-423.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:2.6.18-423.el5.x86_64",
"product": {
"name": "kernel-debug-devel-0:2.6.18-423.el5.x86_64",
"product_id": "kernel-debug-devel-0:2.6.18-423.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@2.6.18-423.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-0:2.6.18-423.el5.x86_64",
"product": {
"name": "kernel-xen-devel-0:2.6.18-423.el5.x86_64",
"product_id": "kernel-xen-devel-0:2.6.18-423.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-xen-devel@2.6.18-423.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:2.6.18-423.el5.x86_64",
"product": {
"name": "kernel-debug-0:2.6.18-423.el5.x86_64",
"product_id": "kernel-debug-0:2.6.18-423.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@2.6.18-423.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-0:2.6.18-423.el5.x86_64",
"product": {
"name": "kernel-debuginfo-common-0:2.6.18-423.el5.x86_64",
"product_id": "kernel-debuginfo-common-0:2.6.18-423.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common@2.6.18-423.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:2.6.18-423.el5.x86_64",
"product": {
"name": "kernel-debug-debuginfo-0:2.6.18-423.el5.x86_64",
"product_id": "kernel-debug-debuginfo-0:2.6.18-423.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@2.6.18-423.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-0:2.6.18-423.el5.x86_64",
"product": {
"name": "kernel-0:2.6.18-423.el5.x86_64",
"product_id": "kernel-0:2.6.18-423.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@2.6.18-423.el5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-xen-debuginfo-0:2.6.18-423.el5.i686",
"product": {
"name": "kernel-xen-debuginfo-0:2.6.18-423.el5.i686",
"product_id": "kernel-xen-debuginfo-0:2.6.18-423.el5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-xen-debuginfo@2.6.18-423.el5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:2.6.18-423.el5.i686",
"product": {
"name": "kernel-debuginfo-0:2.6.18-423.el5.i686",
"product_id": "kernel-debuginfo-0:2.6.18-423.el5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@2.6.18-423.el5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:2.6.18-423.el5.i686",
"product": {
"name": "kernel-devel-0:2.6.18-423.el5.i686",
"product_id": "kernel-devel-0:2.6.18-423.el5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@2.6.18-423.el5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-PAE-devel-0:2.6.18-423.el5.i686",
"product": {
"name": "kernel-PAE-devel-0:2.6.18-423.el5.i686",
"product_id": "kernel-PAE-devel-0:2.6.18-423.el5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-PAE-devel@2.6.18-423.el5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-xen-0:2.6.18-423.el5.i686",
"product": {
"name": "kernel-xen-0:2.6.18-423.el5.i686",
"product_id": "kernel-xen-0:2.6.18-423.el5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-xen@2.6.18-423.el5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-PAE-debuginfo-0:2.6.18-423.el5.i686",
"product": {
"name": "kernel-PAE-debuginfo-0:2.6.18-423.el5.i686",
"product_id": "kernel-PAE-debuginfo-0:2.6.18-423.el5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-PAE-debuginfo@2.6.18-423.el5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:2.6.18-423.el5.i686",
"product": {
"name": "kernel-debug-devel-0:2.6.18-423.el5.i686",
"product_id": "kernel-debug-devel-0:2.6.18-423.el5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@2.6.18-423.el5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-PAE-0:2.6.18-423.el5.i686",
"product": {
"name": "kernel-PAE-0:2.6.18-423.el5.i686",
"product_id": "kernel-PAE-0:2.6.18-423.el5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-PAE@2.6.18-423.el5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-0:2.6.18-423.el5.i686",
"product": {
"name": "kernel-xen-devel-0:2.6.18-423.el5.i686",
"product_id": "kernel-xen-devel-0:2.6.18-423.el5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-xen-devel@2.6.18-423.el5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:2.6.18-423.el5.i686",
"product": {
"name": "kernel-debug-0:2.6.18-423.el5.i686",
"product_id": "kernel-debug-0:2.6.18-423.el5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@2.6.18-423.el5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-0:2.6.18-423.el5.i686",
"product": {
"name": "kernel-debuginfo-common-0:2.6.18-423.el5.i686",
"product_id": "kernel-debuginfo-common-0:2.6.18-423.el5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common@2.6.18-423.el5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:2.6.18-423.el5.i686",
"product": {
"name": "kernel-debug-debuginfo-0:2.6.18-423.el5.i686",
"product_id": "kernel-debug-debuginfo-0:2.6.18-423.el5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@2.6.18-423.el5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-0:2.6.18-423.el5.i686",
"product": {
"name": "kernel-0:2.6.18-423.el5.i686",
"product_id": "kernel-0:2.6.18-423.el5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@2.6.18-423.el5?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-headers-0:2.6.18-423.el5.i386",
"product": {
"name": "kernel-headers-0:2.6.18-423.el5.i386",
"product_id": "kernel-headers-0:2.6.18-423.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-headers@2.6.18-423.el5?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-doc-0:2.6.18-423.el5.noarch",
"product": {
"name": "kernel-doc-0:2.6.18-423.el5.noarch",
"product_id": "kernel-doc-0:2.6.18-423.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-doc@2.6.18-423.el5?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-debuginfo-0:2.6.18-423.el5.s390x",
"product": {
"name": "kernel-debuginfo-0:2.6.18-423.el5.s390x",
"product_id": "kernel-debuginfo-0:2.6.18-423.el5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@2.6.18-423.el5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:2.6.18-423.el5.s390x",
"product": {
"name": "kernel-devel-0:2.6.18-423.el5.s390x",
"product_id": "kernel-devel-0:2.6.18-423.el5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@2.6.18-423.el5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-headers-0:2.6.18-423.el5.s390x",
"product": {
"name": "kernel-headers-0:2.6.18-423.el5.s390x",
"product_id": "kernel-headers-0:2.6.18-423.el5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-headers@2.6.18-423.el5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-kdump-devel-0:2.6.18-423.el5.s390x",
"product": {
"name": "kernel-kdump-devel-0:2.6.18-423.el5.s390x",
"product_id": "kernel-kdump-devel-0:2.6.18-423.el5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-kdump-devel@2.6.18-423.el5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-kdump-0:2.6.18-423.el5.s390x",
"product": {
"name": "kernel-kdump-0:2.6.18-423.el5.s390x",
"product_id": "kernel-kdump-0:2.6.18-423.el5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-kdump@2.6.18-423.el5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:2.6.18-423.el5.s390x",
"product": {
"name": "kernel-debug-devel-0:2.6.18-423.el5.s390x",
"product_id": "kernel-debug-devel-0:2.6.18-423.el5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@2.6.18-423.el5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-kdump-debuginfo-0:2.6.18-423.el5.s390x",
"product": {
"name": "kernel-kdump-debuginfo-0:2.6.18-423.el5.s390x",
"product_id": "kernel-kdump-debuginfo-0:2.6.18-423.el5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-kdump-debuginfo@2.6.18-423.el5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:2.6.18-423.el5.s390x",
"product": {
"name": "kernel-debug-0:2.6.18-423.el5.s390x",
"product_id": "kernel-debug-0:2.6.18-423.el5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@2.6.18-423.el5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-0:2.6.18-423.el5.s390x",
"product": {
"name": "kernel-debuginfo-common-0:2.6.18-423.el5.s390x",
"product_id": "kernel-debuginfo-common-0:2.6.18-423.el5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common@2.6.18-423.el5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:2.6.18-423.el5.s390x",
"product": {
"name": "kernel-debug-debuginfo-0:2.6.18-423.el5.s390x",
"product_id": "kernel-debug-debuginfo-0:2.6.18-423.el5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@2.6.18-423.el5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-0:2.6.18-423.el5.s390x",
"product": {
"name": "kernel-0:2.6.18-423.el5.s390x",
"product_id": "kernel-0:2.6.18-423.el5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@2.6.18-423.el5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-0:2.6.18-423.el5.src",
"product": {
"name": "kernel-0:2.6.18-423.el5.src",
"product_id": "kernel-0:2.6.18-423.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@2.6.18-423.el5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:2.6.18-423.el5.i686 as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-0:2.6.18-423.el5.i686"
},
"product_reference": "kernel-0:2.6.18-423.el5.i686",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:2.6.18-423.el5.s390x as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-0:2.6.18-423.el5.s390x"
},
"product_reference": "kernel-0:2.6.18-423.el5.s390x",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:2.6.18-423.el5.src as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-0:2.6.18-423.el5.src"
},
"product_reference": "kernel-0:2.6.18-423.el5.src",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:2.6.18-423.el5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-0:2.6.18-423.el5.x86_64"
},
"product_reference": "kernel-0:2.6.18-423.el5.x86_64",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-PAE-0:2.6.18-423.el5.i686 as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-PAE-0:2.6.18-423.el5.i686"
},
"product_reference": "kernel-PAE-0:2.6.18-423.el5.i686",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-PAE-debuginfo-0:2.6.18-423.el5.i686 as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-PAE-debuginfo-0:2.6.18-423.el5.i686"
},
"product_reference": "kernel-PAE-debuginfo-0:2.6.18-423.el5.i686",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-PAE-devel-0:2.6.18-423.el5.i686 as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-PAE-devel-0:2.6.18-423.el5.i686"
},
"product_reference": "kernel-PAE-devel-0:2.6.18-423.el5.i686",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:2.6.18-423.el5.i686 as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-debug-0:2.6.18-423.el5.i686"
},
"product_reference": "kernel-debug-0:2.6.18-423.el5.i686",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:2.6.18-423.el5.s390x as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-debug-0:2.6.18-423.el5.s390x"
},
"product_reference": "kernel-debug-0:2.6.18-423.el5.s390x",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:2.6.18-423.el5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-debug-0:2.6.18-423.el5.x86_64"
},
"product_reference": "kernel-debug-0:2.6.18-423.el5.x86_64",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:2.6.18-423.el5.i686 as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-debug-debuginfo-0:2.6.18-423.el5.i686"
},
"product_reference": "kernel-debug-debuginfo-0:2.6.18-423.el5.i686",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:2.6.18-423.el5.s390x as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-debug-debuginfo-0:2.6.18-423.el5.s390x"
},
"product_reference": "kernel-debug-debuginfo-0:2.6.18-423.el5.s390x",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:2.6.18-423.el5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-debug-debuginfo-0:2.6.18-423.el5.x86_64"
},
"product_reference": "kernel-debug-debuginfo-0:2.6.18-423.el5.x86_64",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:2.6.18-423.el5.i686 as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-debug-devel-0:2.6.18-423.el5.i686"
},
"product_reference": "kernel-debug-devel-0:2.6.18-423.el5.i686",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:2.6.18-423.el5.s390x as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-debug-devel-0:2.6.18-423.el5.s390x"
},
"product_reference": "kernel-debug-devel-0:2.6.18-423.el5.s390x",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:2.6.18-423.el5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-debug-devel-0:2.6.18-423.el5.x86_64"
},
"product_reference": "kernel-debug-devel-0:2.6.18-423.el5.x86_64",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:2.6.18-423.el5.i686 as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-debuginfo-0:2.6.18-423.el5.i686"
},
"product_reference": "kernel-debuginfo-0:2.6.18-423.el5.i686",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:2.6.18-423.el5.s390x as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-debuginfo-0:2.6.18-423.el5.s390x"
},
"product_reference": "kernel-debuginfo-0:2.6.18-423.el5.s390x",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:2.6.18-423.el5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-debuginfo-0:2.6.18-423.el5.x86_64"
},
"product_reference": "kernel-debuginfo-0:2.6.18-423.el5.x86_64",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-0:2.6.18-423.el5.i686 as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-debuginfo-common-0:2.6.18-423.el5.i686"
},
"product_reference": "kernel-debuginfo-common-0:2.6.18-423.el5.i686",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-0:2.6.18-423.el5.s390x as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-debuginfo-common-0:2.6.18-423.el5.s390x"
},
"product_reference": "kernel-debuginfo-common-0:2.6.18-423.el5.s390x",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-0:2.6.18-423.el5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-debuginfo-common-0:2.6.18-423.el5.x86_64"
},
"product_reference": "kernel-debuginfo-common-0:2.6.18-423.el5.x86_64",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:2.6.18-423.el5.i686 as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-devel-0:2.6.18-423.el5.i686"
},
"product_reference": "kernel-devel-0:2.6.18-423.el5.i686",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:2.6.18-423.el5.s390x as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-devel-0:2.6.18-423.el5.s390x"
},
"product_reference": "kernel-devel-0:2.6.18-423.el5.s390x",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:2.6.18-423.el5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-devel-0:2.6.18-423.el5.x86_64"
},
"product_reference": "kernel-devel-0:2.6.18-423.el5.x86_64",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:2.6.18-423.el5.noarch as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-doc-0:2.6.18-423.el5.noarch"
},
"product_reference": "kernel-doc-0:2.6.18-423.el5.noarch",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:2.6.18-423.el5.i386 as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-headers-0:2.6.18-423.el5.i386"
},
"product_reference": "kernel-headers-0:2.6.18-423.el5.i386",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:2.6.18-423.el5.s390x as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-headers-0:2.6.18-423.el5.s390x"
},
"product_reference": "kernel-headers-0:2.6.18-423.el5.s390x",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:2.6.18-423.el5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-headers-0:2.6.18-423.el5.x86_64"
},
"product_reference": "kernel-headers-0:2.6.18-423.el5.x86_64",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kdump-0:2.6.18-423.el5.s390x as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-kdump-0:2.6.18-423.el5.s390x"
},
"product_reference": "kernel-kdump-0:2.6.18-423.el5.s390x",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kdump-debuginfo-0:2.6.18-423.el5.s390x as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-kdump-debuginfo-0:2.6.18-423.el5.s390x"
},
"product_reference": "kernel-kdump-debuginfo-0:2.6.18-423.el5.s390x",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kdump-devel-0:2.6.18-423.el5.s390x as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-kdump-devel-0:2.6.18-423.el5.s390x"
},
"product_reference": "kernel-kdump-devel-0:2.6.18-423.el5.s390x",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-0:2.6.18-423.el5.i686 as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-xen-0:2.6.18-423.el5.i686"
},
"product_reference": "kernel-xen-0:2.6.18-423.el5.i686",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-0:2.6.18-423.el5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-xen-0:2.6.18-423.el5.x86_64"
},
"product_reference": "kernel-xen-0:2.6.18-423.el5.x86_64",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-debuginfo-0:2.6.18-423.el5.i686 as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-xen-debuginfo-0:2.6.18-423.el5.i686"
},
"product_reference": "kernel-xen-debuginfo-0:2.6.18-423.el5.i686",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-debuginfo-0:2.6.18-423.el5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-xen-debuginfo-0:2.6.18-423.el5.x86_64"
},
"product_reference": "kernel-xen-debuginfo-0:2.6.18-423.el5.x86_64",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-0:2.6.18-423.el5.i686 as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-xen-devel-0:2.6.18-423.el5.i686"
},
"product_reference": "kernel-xen-devel-0:2.6.18-423.el5.i686",
"relates_to_product_reference": "5Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-0:2.6.18-423.el5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 5 ELS)",
"product_id": "5Server-ELS:kernel-xen-devel-0:2.6.18-423.el5.x86_64"
},
"product_reference": "kernel-xen-devel-0:2.6.18-423.el5.x86_64",
"relates_to_product_reference": "5Server-ELS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Qualys Research Labs"
]
}
],
"cve": "CVE-2017-1000253",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2017-09-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1492212"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application\u0027s data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID (or otherwise privileged) PIE binary could use this flaw to escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6. This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 prior to kernel version 3.10.0-693, that is Red Hat Enterprise Linux 7.4 GA kernel version. Kernel versions after 3.10.0-693 contain the fix and are thus not vulnerable.\n\nThis issue affects the Linux kernel-rt packages prior to the kernel version 3.10.0-693.rt56.617 (Red Hat Enteprise Linux for Realtime) and 3.10.0-693.2.1.rt56.585.el6rt (Red Hat Enterprise MRG 2). The latest Linux kernel-rt packages as shipped with Red Hat Enterprise Linux for Realtime and Red Hat Enterprise MRG 2 are not vulnerable.\n\nFuture Linux kernel updates for the respective releases will address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-ELS:kernel-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-0:2.6.18-423.el5.src",
"5Server-ELS:kernel-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-PAE-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-PAE-debuginfo-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-PAE-devel-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-debug-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-debug-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-debug-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-debug-debuginfo-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-debug-debuginfo-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-debug-debuginfo-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-debug-devel-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-debug-devel-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-debug-devel-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-debuginfo-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-debuginfo-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-debuginfo-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-debuginfo-common-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-debuginfo-common-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-debuginfo-common-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-devel-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-devel-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-devel-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-doc-0:2.6.18-423.el5.noarch",
"5Server-ELS:kernel-headers-0:2.6.18-423.el5.i386",
"5Server-ELS:kernel-headers-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-headers-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-kdump-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-kdump-debuginfo-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-kdump-devel-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-xen-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-xen-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-xen-debuginfo-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-xen-debuginfo-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-xen-devel-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-xen-devel-0:2.6.18-423.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-1000253"
},
{
"category": "external",
"summary": "RHBZ#1492212",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1492212"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000253",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000253"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000253",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000253"
},
{
"category": "external",
"summary": "https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt",
"url": "https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-26T18:27:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"5Server-ELS:kernel-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-0:2.6.18-423.el5.src",
"5Server-ELS:kernel-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-PAE-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-PAE-debuginfo-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-PAE-devel-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-debug-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-debug-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-debug-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-debug-debuginfo-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-debug-debuginfo-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-debug-debuginfo-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-debug-devel-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-debug-devel-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-debug-devel-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-debuginfo-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-debuginfo-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-debuginfo-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-debuginfo-common-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-debuginfo-common-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-debuginfo-common-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-devel-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-devel-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-devel-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-doc-0:2.6.18-423.el5.noarch",
"5Server-ELS:kernel-headers-0:2.6.18-423.el5.i386",
"5Server-ELS:kernel-headers-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-headers-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-kdump-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-kdump-debuginfo-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-kdump-devel-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-xen-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-xen-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-xen-debuginfo-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-xen-debuginfo-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-xen-devel-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-xen-devel-0:2.6.18-423.el5.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2801"
},
{
"category": "workaround",
"details": "By setting vm.legacy_va_layout to 1 we can effectively disable the exploitation of this issue by switching to the legacy mmap layout. The mmap allocations start much lower in the process address space and follow the bottom-up allocation model. As such, the initial PIE executable mapping is far from the reserved stack area and cannot interfere with the stack.\n\n64-bit processes on Red Hat Enterprise Linux 5 are forced to use the legacy virtual address space layout regardless of the vm.legacy_va_layout value.\n\nNote: Applications that have demands for a large linear address space (such as certain databases) may be unable to handle the legacy memory layout proposed using this mitigation. We recommend to test your systems and applications before deploying this mitigation on production systems.\n\nEdit the /etc/sysctl.conf file as root, and add or amend:\n\n vm.legacy_va_layout = 1\n \t\t\t\t\t\t\t\t\n\nTo apply this setting, run the /sbin/sysctl -p command as the root user to reload the settings from /etc/sysctl.conf.\n\nVerify that vm.legacy_va_layout is now set to defined value:\n\n $ /sbin/sysctl vm.legacy_va_layout\n vm.legacy_va_layout = 1",
"product_ids": [
"5Server-ELS:kernel-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-0:2.6.18-423.el5.src",
"5Server-ELS:kernel-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-PAE-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-PAE-debuginfo-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-PAE-devel-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-debug-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-debug-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-debug-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-debug-debuginfo-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-debug-debuginfo-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-debug-debuginfo-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-debug-devel-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-debug-devel-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-debug-devel-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-debuginfo-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-debuginfo-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-debuginfo-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-debuginfo-common-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-debuginfo-common-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-debuginfo-common-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-devel-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-devel-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-devel-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-doc-0:2.6.18-423.el5.noarch",
"5Server-ELS:kernel-headers-0:2.6.18-423.el5.i386",
"5Server-ELS:kernel-headers-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-headers-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-kdump-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-kdump-debuginfo-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-kdump-devel-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-xen-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-xen-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-xen-debuginfo-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-xen-debuginfo-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-xen-devel-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-xen-devel-0:2.6.18-423.el5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"5Server-ELS:kernel-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-0:2.6.18-423.el5.src",
"5Server-ELS:kernel-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-PAE-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-PAE-debuginfo-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-PAE-devel-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-debug-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-debug-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-debug-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-debug-debuginfo-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-debug-debuginfo-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-debug-debuginfo-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-debug-devel-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-debug-devel-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-debug-devel-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-debuginfo-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-debuginfo-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-debuginfo-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-debuginfo-common-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-debuginfo-common-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-debuginfo-common-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-devel-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-devel-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-devel-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-doc-0:2.6.18-423.el5.noarch",
"5Server-ELS:kernel-headers-0:2.6.18-423.el5.i386",
"5Server-ELS:kernel-headers-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-headers-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-kdump-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-kdump-debuginfo-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-kdump-devel-0:2.6.18-423.el5.s390x",
"5Server-ELS:kernel-xen-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-xen-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-xen-debuginfo-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-xen-debuginfo-0:2.6.18-423.el5.x86_64",
"5Server-ELS:kernel-xen-devel-0:2.6.18-423.el5.i686",
"5Server-ELS:kernel-xen-devel-0:2.6.18-423.el5.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2024-09-09T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary"
}
]
}
RHSA-2017_2802
Vulnerability from csaf_redhat - Published: 2017-09-26 19:25 - Updated: 2024-11-22 10:33Summary
Red Hat Security Advisory: kernel security update
Severity
Important
Notes
Topic: An update for kernel is now available for Red Hat Enterprise Linux 5.9 Long Life.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The kernel packages contain the Linux kernel, the core of any Linux operating system.
Security Fix(es):
* A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID (or otherwise privileged) PIE binary could use this flaw to escalate their privileges on the system. (CVE-2017-1000253, Important)
Red Hat would like to thank Qualys Research Labs for reporting this issue.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID (or otherwise privileged) PIE binary could use this flaw to escalate their privileges on the system.
7.8 (High)
Affected products
Fixed
27 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 5Server-5.9.AUS:kernel-0:2.6.18-348.34.2.el5.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-5.9.AUS:kernel-0:2.6.18-348.34.2.el5.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-5.9.AUS:kernel-0:2.6.18-348.34.2.el5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-5.9.AUS:kernel-PAE-0:2.6.18-348.34.2.el5.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-5.9.AUS:kernel-PAE-debuginfo-0:2.6.18-348.34.2.el5.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-5.9.AUS:kernel-PAE-devel-0:2.6.18-348.34.2.el5.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-5.9.AUS:kernel-debug-0:2.6.18-348.34.2.el5.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-5.9.AUS:kernel-debug-0:2.6.18-348.34.2.el5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-5.9.AUS:kernel-debug-debuginfo-0:2.6.18-348.34.2.el5.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-5.9.AUS:kernel-debug-debuginfo-0:2.6.18-348.34.2.el5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-5.9.AUS:kernel-debug-devel-0:2.6.18-348.34.2.el5.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-5.9.AUS:kernel-debug-devel-0:2.6.18-348.34.2.el5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-5.9.AUS:kernel-debuginfo-0:2.6.18-348.34.2.el5.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-5.9.AUS:kernel-debuginfo-0:2.6.18-348.34.2.el5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-5.9.AUS:kernel-debuginfo-common-0:2.6.18-348.34.2.el5.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-5.9.AUS:kernel-debuginfo-common-0:2.6.18-348.34.2.el5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-5.9.AUS:kernel-devel-0:2.6.18-348.34.2.el5.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-5.9.AUS:kernel-devel-0:2.6.18-348.34.2.el5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-5.9.AUS:kernel-doc-0:2.6.18-348.34.2.el5.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-5.9.AUS:kernel-headers-0:2.6.18-348.34.2.el5.i386 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-5.9.AUS:kernel-headers-0:2.6.18-348.34.2.el5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-5.9.AUS:kernel-xen-0:2.6.18-348.34.2.el5.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-5.9.AUS:kernel-xen-0:2.6.18-348.34.2.el5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-5.9.AUS:kernel-xen-debuginfo-0:2.6.18-348.34.2.el5.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-5.9.AUS:kernel-xen-debuginfo-0:2.6.18-348.34.2.el5.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-5.9.AUS:kernel-xen-devel-0:2.6.18-348.34.2.el5.i686 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 5Server-5.9.AUS:kernel-xen-devel-0:2.6.18-348.34.2.el5.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Exploit Status
CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog
Impact
Important
References
11 references
Acknowledgments
Qualys Research Labs
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel is now available for Red Hat Enterprise Linux 5.9 Long Life.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel packages contain the Linux kernel, the core of any Linux operating system.\n\nSecurity Fix(es):\n\n* A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application\u0027s data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID (or otherwise privileged) PIE binary could use this flaw to escalate their privileges on the system. (CVE-2017-1000253, Important)\n\nRed Hat would like to thank Qualys Research Labs for reporting this issue.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:2802",
"url": "https://access.redhat.com/errata/RHSA-2017:2802"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/vulnerabilities/3189592",
"url": "https://access.redhat.com/security/vulnerabilities/3189592"
},
{
"category": "external",
"summary": "1492212",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1492212"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2802.json"
}
],
"title": "Red Hat Security Advisory: kernel security update",
"tracking": {
"current_release_date": "2024-11-22T10:33:41+00:00",
"generator": {
"date": "2024-11-22T10:33:41+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2017:2802",
"initial_release_date": "2017-09-26T19:25:19+00:00",
"revision_history": [
{
"date": "2017-09-26T19:25:19+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-09-26T19:25:19+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T10:33:41+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Long Life (v. 5.9 server)",
"product": {
"name": "Red Hat Enterprise Linux Long Life (v. 5.9 server)",
"product_id": "5Server-5.9.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:5.9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-debug-0:2.6.18-348.34.2.el5.x86_64",
"product": {
"name": "kernel-debug-0:2.6.18-348.34.2.el5.x86_64",
"product_id": "kernel-debug-0:2.6.18-348.34.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@2.6.18-348.34.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-0:2.6.18-348.34.2.el5.x86_64",
"product": {
"name": "kernel-debuginfo-common-0:2.6.18-348.34.2.el5.x86_64",
"product_id": "kernel-debuginfo-common-0:2.6.18-348.34.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common@2.6.18-348.34.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-headers-0:2.6.18-348.34.2.el5.x86_64",
"product": {
"name": "kernel-headers-0:2.6.18-348.34.2.el5.x86_64",
"product_id": "kernel-headers-0:2.6.18-348.34.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-headers@2.6.18-348.34.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-0:2.6.18-348.34.2.el5.x86_64",
"product": {
"name": "kernel-xen-devel-0:2.6.18-348.34.2.el5.x86_64",
"product_id": "kernel-xen-devel-0:2.6.18-348.34.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-xen-devel@2.6.18-348.34.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:2.6.18-348.34.2.el5.x86_64",
"product": {
"name": "kernel-debug-devel-0:2.6.18-348.34.2.el5.x86_64",
"product_id": "kernel-debug-devel-0:2.6.18-348.34.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@2.6.18-348.34.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:2.6.18-348.34.2.el5.x86_64",
"product": {
"name": "kernel-debug-debuginfo-0:2.6.18-348.34.2.el5.x86_64",
"product_id": "kernel-debug-debuginfo-0:2.6.18-348.34.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@2.6.18-348.34.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-xen-debuginfo-0:2.6.18-348.34.2.el5.x86_64",
"product": {
"name": "kernel-xen-debuginfo-0:2.6.18-348.34.2.el5.x86_64",
"product_id": "kernel-xen-debuginfo-0:2.6.18-348.34.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-xen-debuginfo@2.6.18-348.34.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:2.6.18-348.34.2.el5.x86_64",
"product": {
"name": "kernel-devel-0:2.6.18-348.34.2.el5.x86_64",
"product_id": "kernel-devel-0:2.6.18-348.34.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@2.6.18-348.34.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-xen-0:2.6.18-348.34.2.el5.x86_64",
"product": {
"name": "kernel-xen-0:2.6.18-348.34.2.el5.x86_64",
"product_id": "kernel-xen-0:2.6.18-348.34.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-xen@2.6.18-348.34.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-0:2.6.18-348.34.2.el5.x86_64",
"product": {
"name": "kernel-0:2.6.18-348.34.2.el5.x86_64",
"product_id": "kernel-0:2.6.18-348.34.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@2.6.18-348.34.2.el5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:2.6.18-348.34.2.el5.x86_64",
"product": {
"name": "kernel-debuginfo-0:2.6.18-348.34.2.el5.x86_64",
"product_id": "kernel-debuginfo-0:2.6.18-348.34.2.el5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@2.6.18-348.34.2.el5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-debug-0:2.6.18-348.34.2.el5.i686",
"product": {
"name": "kernel-debug-0:2.6.18-348.34.2.el5.i686",
"product_id": "kernel-debug-0:2.6.18-348.34.2.el5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@2.6.18-348.34.2.el5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-0:2.6.18-348.34.2.el5.i686",
"product": {
"name": "kernel-debuginfo-common-0:2.6.18-348.34.2.el5.i686",
"product_id": "kernel-debuginfo-common-0:2.6.18-348.34.2.el5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common@2.6.18-348.34.2.el5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-0:2.6.18-348.34.2.el5.i686",
"product": {
"name": "kernel-xen-devel-0:2.6.18-348.34.2.el5.i686",
"product_id": "kernel-xen-devel-0:2.6.18-348.34.2.el5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-xen-devel@2.6.18-348.34.2.el5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:2.6.18-348.34.2.el5.i686",
"product": {
"name": "kernel-debug-devel-0:2.6.18-348.34.2.el5.i686",
"product_id": "kernel-debug-devel-0:2.6.18-348.34.2.el5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@2.6.18-348.34.2.el5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:2.6.18-348.34.2.el5.i686",
"product": {
"name": "kernel-debug-debuginfo-0:2.6.18-348.34.2.el5.i686",
"product_id": "kernel-debug-debuginfo-0:2.6.18-348.34.2.el5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@2.6.18-348.34.2.el5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-xen-debuginfo-0:2.6.18-348.34.2.el5.i686",
"product": {
"name": "kernel-xen-debuginfo-0:2.6.18-348.34.2.el5.i686",
"product_id": "kernel-xen-debuginfo-0:2.6.18-348.34.2.el5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-xen-debuginfo@2.6.18-348.34.2.el5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:2.6.18-348.34.2.el5.i686",
"product": {
"name": "kernel-devel-0:2.6.18-348.34.2.el5.i686",
"product_id": "kernel-devel-0:2.6.18-348.34.2.el5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@2.6.18-348.34.2.el5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-PAE-debuginfo-0:2.6.18-348.34.2.el5.i686",
"product": {
"name": "kernel-PAE-debuginfo-0:2.6.18-348.34.2.el5.i686",
"product_id": "kernel-PAE-debuginfo-0:2.6.18-348.34.2.el5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-PAE-debuginfo@2.6.18-348.34.2.el5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-xen-0:2.6.18-348.34.2.el5.i686",
"product": {
"name": "kernel-xen-0:2.6.18-348.34.2.el5.i686",
"product_id": "kernel-xen-0:2.6.18-348.34.2.el5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-xen@2.6.18-348.34.2.el5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-0:2.6.18-348.34.2.el5.i686",
"product": {
"name": "kernel-0:2.6.18-348.34.2.el5.i686",
"product_id": "kernel-0:2.6.18-348.34.2.el5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@2.6.18-348.34.2.el5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-PAE-devel-0:2.6.18-348.34.2.el5.i686",
"product": {
"name": "kernel-PAE-devel-0:2.6.18-348.34.2.el5.i686",
"product_id": "kernel-PAE-devel-0:2.6.18-348.34.2.el5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-PAE-devel@2.6.18-348.34.2.el5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:2.6.18-348.34.2.el5.i686",
"product": {
"name": "kernel-debuginfo-0:2.6.18-348.34.2.el5.i686",
"product_id": "kernel-debuginfo-0:2.6.18-348.34.2.el5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@2.6.18-348.34.2.el5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "kernel-PAE-0:2.6.18-348.34.2.el5.i686",
"product": {
"name": "kernel-PAE-0:2.6.18-348.34.2.el5.i686",
"product_id": "kernel-PAE-0:2.6.18-348.34.2.el5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-PAE@2.6.18-348.34.2.el5?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-headers-0:2.6.18-348.34.2.el5.i386",
"product": {
"name": "kernel-headers-0:2.6.18-348.34.2.el5.i386",
"product_id": "kernel-headers-0:2.6.18-348.34.2.el5.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-headers@2.6.18-348.34.2.el5?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-doc-0:2.6.18-348.34.2.el5.noarch",
"product": {
"name": "kernel-doc-0:2.6.18-348.34.2.el5.noarch",
"product_id": "kernel-doc-0:2.6.18-348.34.2.el5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-doc@2.6.18-348.34.2.el5?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-0:2.6.18-348.34.2.el5.src",
"product": {
"name": "kernel-0:2.6.18-348.34.2.el5.src",
"product_id": "kernel-0:2.6.18-348.34.2.el5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@2.6.18-348.34.2.el5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:2.6.18-348.34.2.el5.i686 as a component of Red Hat Enterprise Linux Long Life (v. 5.9 server)",
"product_id": "5Server-5.9.AUS:kernel-0:2.6.18-348.34.2.el5.i686"
},
"product_reference": "kernel-0:2.6.18-348.34.2.el5.i686",
"relates_to_product_reference": "5Server-5.9.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:2.6.18-348.34.2.el5.src as a component of Red Hat Enterprise Linux Long Life (v. 5.9 server)",
"product_id": "5Server-5.9.AUS:kernel-0:2.6.18-348.34.2.el5.src"
},
"product_reference": "kernel-0:2.6.18-348.34.2.el5.src",
"relates_to_product_reference": "5Server-5.9.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:2.6.18-348.34.2.el5.x86_64 as a component of Red Hat Enterprise Linux Long Life (v. 5.9 server)",
"product_id": "5Server-5.9.AUS:kernel-0:2.6.18-348.34.2.el5.x86_64"
},
"product_reference": "kernel-0:2.6.18-348.34.2.el5.x86_64",
"relates_to_product_reference": "5Server-5.9.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-PAE-0:2.6.18-348.34.2.el5.i686 as a component of Red Hat Enterprise Linux Long Life (v. 5.9 server)",
"product_id": "5Server-5.9.AUS:kernel-PAE-0:2.6.18-348.34.2.el5.i686"
},
"product_reference": "kernel-PAE-0:2.6.18-348.34.2.el5.i686",
"relates_to_product_reference": "5Server-5.9.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-PAE-debuginfo-0:2.6.18-348.34.2.el5.i686 as a component of Red Hat Enterprise Linux Long Life (v. 5.9 server)",
"product_id": "5Server-5.9.AUS:kernel-PAE-debuginfo-0:2.6.18-348.34.2.el5.i686"
},
"product_reference": "kernel-PAE-debuginfo-0:2.6.18-348.34.2.el5.i686",
"relates_to_product_reference": "5Server-5.9.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-PAE-devel-0:2.6.18-348.34.2.el5.i686 as a component of Red Hat Enterprise Linux Long Life (v. 5.9 server)",
"product_id": "5Server-5.9.AUS:kernel-PAE-devel-0:2.6.18-348.34.2.el5.i686"
},
"product_reference": "kernel-PAE-devel-0:2.6.18-348.34.2.el5.i686",
"relates_to_product_reference": "5Server-5.9.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:2.6.18-348.34.2.el5.i686 as a component of Red Hat Enterprise Linux Long Life (v. 5.9 server)",
"product_id": "5Server-5.9.AUS:kernel-debug-0:2.6.18-348.34.2.el5.i686"
},
"product_reference": "kernel-debug-0:2.6.18-348.34.2.el5.i686",
"relates_to_product_reference": "5Server-5.9.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:2.6.18-348.34.2.el5.x86_64 as a component of Red Hat Enterprise Linux Long Life (v. 5.9 server)",
"product_id": "5Server-5.9.AUS:kernel-debug-0:2.6.18-348.34.2.el5.x86_64"
},
"product_reference": "kernel-debug-0:2.6.18-348.34.2.el5.x86_64",
"relates_to_product_reference": "5Server-5.9.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:2.6.18-348.34.2.el5.i686 as a component of Red Hat Enterprise Linux Long Life (v. 5.9 server)",
"product_id": "5Server-5.9.AUS:kernel-debug-debuginfo-0:2.6.18-348.34.2.el5.i686"
},
"product_reference": "kernel-debug-debuginfo-0:2.6.18-348.34.2.el5.i686",
"relates_to_product_reference": "5Server-5.9.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:2.6.18-348.34.2.el5.x86_64 as a component of Red Hat Enterprise Linux Long Life (v. 5.9 server)",
"product_id": "5Server-5.9.AUS:kernel-debug-debuginfo-0:2.6.18-348.34.2.el5.x86_64"
},
"product_reference": "kernel-debug-debuginfo-0:2.6.18-348.34.2.el5.x86_64",
"relates_to_product_reference": "5Server-5.9.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:2.6.18-348.34.2.el5.i686 as a component of Red Hat Enterprise Linux Long Life (v. 5.9 server)",
"product_id": "5Server-5.9.AUS:kernel-debug-devel-0:2.6.18-348.34.2.el5.i686"
},
"product_reference": "kernel-debug-devel-0:2.6.18-348.34.2.el5.i686",
"relates_to_product_reference": "5Server-5.9.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:2.6.18-348.34.2.el5.x86_64 as a component of Red Hat Enterprise Linux Long Life (v. 5.9 server)",
"product_id": "5Server-5.9.AUS:kernel-debug-devel-0:2.6.18-348.34.2.el5.x86_64"
},
"product_reference": "kernel-debug-devel-0:2.6.18-348.34.2.el5.x86_64",
"relates_to_product_reference": "5Server-5.9.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:2.6.18-348.34.2.el5.i686 as a component of Red Hat Enterprise Linux Long Life (v. 5.9 server)",
"product_id": "5Server-5.9.AUS:kernel-debuginfo-0:2.6.18-348.34.2.el5.i686"
},
"product_reference": "kernel-debuginfo-0:2.6.18-348.34.2.el5.i686",
"relates_to_product_reference": "5Server-5.9.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:2.6.18-348.34.2.el5.x86_64 as a component of Red Hat Enterprise Linux Long Life (v. 5.9 server)",
"product_id": "5Server-5.9.AUS:kernel-debuginfo-0:2.6.18-348.34.2.el5.x86_64"
},
"product_reference": "kernel-debuginfo-0:2.6.18-348.34.2.el5.x86_64",
"relates_to_product_reference": "5Server-5.9.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-0:2.6.18-348.34.2.el5.i686 as a component of Red Hat Enterprise Linux Long Life (v. 5.9 server)",
"product_id": "5Server-5.9.AUS:kernel-debuginfo-common-0:2.6.18-348.34.2.el5.i686"
},
"product_reference": "kernel-debuginfo-common-0:2.6.18-348.34.2.el5.i686",
"relates_to_product_reference": "5Server-5.9.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-0:2.6.18-348.34.2.el5.x86_64 as a component of Red Hat Enterprise Linux Long Life (v. 5.9 server)",
"product_id": "5Server-5.9.AUS:kernel-debuginfo-common-0:2.6.18-348.34.2.el5.x86_64"
},
"product_reference": "kernel-debuginfo-common-0:2.6.18-348.34.2.el5.x86_64",
"relates_to_product_reference": "5Server-5.9.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:2.6.18-348.34.2.el5.i686 as a component of Red Hat Enterprise Linux Long Life (v. 5.9 server)",
"product_id": "5Server-5.9.AUS:kernel-devel-0:2.6.18-348.34.2.el5.i686"
},
"product_reference": "kernel-devel-0:2.6.18-348.34.2.el5.i686",
"relates_to_product_reference": "5Server-5.9.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:2.6.18-348.34.2.el5.x86_64 as a component of Red Hat Enterprise Linux Long Life (v. 5.9 server)",
"product_id": "5Server-5.9.AUS:kernel-devel-0:2.6.18-348.34.2.el5.x86_64"
},
"product_reference": "kernel-devel-0:2.6.18-348.34.2.el5.x86_64",
"relates_to_product_reference": "5Server-5.9.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:2.6.18-348.34.2.el5.noarch as a component of Red Hat Enterprise Linux Long Life (v. 5.9 server)",
"product_id": "5Server-5.9.AUS:kernel-doc-0:2.6.18-348.34.2.el5.noarch"
},
"product_reference": "kernel-doc-0:2.6.18-348.34.2.el5.noarch",
"relates_to_product_reference": "5Server-5.9.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:2.6.18-348.34.2.el5.i386 as a component of Red Hat Enterprise Linux Long Life (v. 5.9 server)",
"product_id": "5Server-5.9.AUS:kernel-headers-0:2.6.18-348.34.2.el5.i386"
},
"product_reference": "kernel-headers-0:2.6.18-348.34.2.el5.i386",
"relates_to_product_reference": "5Server-5.9.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:2.6.18-348.34.2.el5.x86_64 as a component of Red Hat Enterprise Linux Long Life (v. 5.9 server)",
"product_id": "5Server-5.9.AUS:kernel-headers-0:2.6.18-348.34.2.el5.x86_64"
},
"product_reference": "kernel-headers-0:2.6.18-348.34.2.el5.x86_64",
"relates_to_product_reference": "5Server-5.9.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-0:2.6.18-348.34.2.el5.i686 as a component of Red Hat Enterprise Linux Long Life (v. 5.9 server)",
"product_id": "5Server-5.9.AUS:kernel-xen-0:2.6.18-348.34.2.el5.i686"
},
"product_reference": "kernel-xen-0:2.6.18-348.34.2.el5.i686",
"relates_to_product_reference": "5Server-5.9.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-0:2.6.18-348.34.2.el5.x86_64 as a component of Red Hat Enterprise Linux Long Life (v. 5.9 server)",
"product_id": "5Server-5.9.AUS:kernel-xen-0:2.6.18-348.34.2.el5.x86_64"
},
"product_reference": "kernel-xen-0:2.6.18-348.34.2.el5.x86_64",
"relates_to_product_reference": "5Server-5.9.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-debuginfo-0:2.6.18-348.34.2.el5.i686 as a component of Red Hat Enterprise Linux Long Life (v. 5.9 server)",
"product_id": "5Server-5.9.AUS:kernel-xen-debuginfo-0:2.6.18-348.34.2.el5.i686"
},
"product_reference": "kernel-xen-debuginfo-0:2.6.18-348.34.2.el5.i686",
"relates_to_product_reference": "5Server-5.9.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-debuginfo-0:2.6.18-348.34.2.el5.x86_64 as a component of Red Hat Enterprise Linux Long Life (v. 5.9 server)",
"product_id": "5Server-5.9.AUS:kernel-xen-debuginfo-0:2.6.18-348.34.2.el5.x86_64"
},
"product_reference": "kernel-xen-debuginfo-0:2.6.18-348.34.2.el5.x86_64",
"relates_to_product_reference": "5Server-5.9.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-0:2.6.18-348.34.2.el5.i686 as a component of Red Hat Enterprise Linux Long Life (v. 5.9 server)",
"product_id": "5Server-5.9.AUS:kernel-xen-devel-0:2.6.18-348.34.2.el5.i686"
},
"product_reference": "kernel-xen-devel-0:2.6.18-348.34.2.el5.i686",
"relates_to_product_reference": "5Server-5.9.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-0:2.6.18-348.34.2.el5.x86_64 as a component of Red Hat Enterprise Linux Long Life (v. 5.9 server)",
"product_id": "5Server-5.9.AUS:kernel-xen-devel-0:2.6.18-348.34.2.el5.x86_64"
},
"product_reference": "kernel-xen-devel-0:2.6.18-348.34.2.el5.x86_64",
"relates_to_product_reference": "5Server-5.9.AUS"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Qualys Research Labs"
]
}
],
"cve": "CVE-2017-1000253",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2017-09-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1492212"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application\u0027s data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID (or otherwise privileged) PIE binary could use this flaw to escalate their privileges on the system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6. This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 prior to kernel version 3.10.0-693, that is Red Hat Enterprise Linux 7.4 GA kernel version. Kernel versions after 3.10.0-693 contain the fix and are thus not vulnerable.\n\nThis issue affects the Linux kernel-rt packages prior to the kernel version 3.10.0-693.rt56.617 (Red Hat Enteprise Linux for Realtime) and 3.10.0-693.2.1.rt56.585.el6rt (Red Hat Enterprise MRG 2). The latest Linux kernel-rt packages as shipped with Red Hat Enterprise Linux for Realtime and Red Hat Enterprise MRG 2 are not vulnerable.\n\nFuture Linux kernel updates for the respective releases will address this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"5Server-5.9.AUS:kernel-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-0:2.6.18-348.34.2.el5.src",
"5Server-5.9.AUS:kernel-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-PAE-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-PAE-debuginfo-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-PAE-devel-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-debug-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-debug-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-debug-debuginfo-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-debug-debuginfo-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-debug-devel-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-debug-devel-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-debuginfo-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-debuginfo-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-debuginfo-common-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-debuginfo-common-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-devel-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-devel-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-doc-0:2.6.18-348.34.2.el5.noarch",
"5Server-5.9.AUS:kernel-headers-0:2.6.18-348.34.2.el5.i386",
"5Server-5.9.AUS:kernel-headers-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-xen-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-xen-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-xen-debuginfo-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-xen-debuginfo-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-xen-devel-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-xen-devel-0:2.6.18-348.34.2.el5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-1000253"
},
{
"category": "external",
"summary": "RHBZ#1492212",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1492212"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-1000253",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000253"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000253",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-1000253"
},
{
"category": "external",
"summary": "https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt",
"url": "https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt"
},
{
"category": "external",
"summary": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog",
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
}
],
"release_date": "2017-09-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-09-26T19:25:19+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"5Server-5.9.AUS:kernel-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-0:2.6.18-348.34.2.el5.src",
"5Server-5.9.AUS:kernel-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-PAE-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-PAE-debuginfo-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-PAE-devel-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-debug-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-debug-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-debug-debuginfo-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-debug-debuginfo-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-debug-devel-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-debug-devel-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-debuginfo-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-debuginfo-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-debuginfo-common-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-debuginfo-common-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-devel-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-devel-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-doc-0:2.6.18-348.34.2.el5.noarch",
"5Server-5.9.AUS:kernel-headers-0:2.6.18-348.34.2.el5.i386",
"5Server-5.9.AUS:kernel-headers-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-xen-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-xen-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-xen-debuginfo-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-xen-debuginfo-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-xen-devel-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-xen-devel-0:2.6.18-348.34.2.el5.x86_64"
],
"restart_required": {
"category": "machine"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2802"
},
{
"category": "workaround",
"details": "By setting vm.legacy_va_layout to 1 we can effectively disable the exploitation of this issue by switching to the legacy mmap layout. The mmap allocations start much lower in the process address space and follow the bottom-up allocation model. As such, the initial PIE executable mapping is far from the reserved stack area and cannot interfere with the stack.\n\n64-bit processes on Red Hat Enterprise Linux 5 are forced to use the legacy virtual address space layout regardless of the vm.legacy_va_layout value.\n\nNote: Applications that have demands for a large linear address space (such as certain databases) may be unable to handle the legacy memory layout proposed using this mitigation. We recommend to test your systems and applications before deploying this mitigation on production systems.\n\nEdit the /etc/sysctl.conf file as root, and add or amend:\n\n vm.legacy_va_layout = 1\n \t\t\t\t\t\t\t\t\n\nTo apply this setting, run the /sbin/sysctl -p command as the root user to reload the settings from /etc/sysctl.conf.\n\nVerify that vm.legacy_va_layout is now set to defined value:\n\n $ /sbin/sysctl vm.legacy_va_layout\n vm.legacy_va_layout = 1",
"product_ids": [
"5Server-5.9.AUS:kernel-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-0:2.6.18-348.34.2.el5.src",
"5Server-5.9.AUS:kernel-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-PAE-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-PAE-debuginfo-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-PAE-devel-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-debug-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-debug-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-debug-debuginfo-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-debug-debuginfo-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-debug-devel-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-debug-devel-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-debuginfo-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-debuginfo-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-debuginfo-common-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-debuginfo-common-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-devel-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-devel-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-doc-0:2.6.18-348.34.2.el5.noarch",
"5Server-5.9.AUS:kernel-headers-0:2.6.18-348.34.2.el5.i386",
"5Server-5.9.AUS:kernel-headers-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-xen-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-xen-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-xen-debuginfo-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-xen-debuginfo-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-xen-devel-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-xen-devel-0:2.6.18-348.34.2.el5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"5Server-5.9.AUS:kernel-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-0:2.6.18-348.34.2.el5.src",
"5Server-5.9.AUS:kernel-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-PAE-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-PAE-debuginfo-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-PAE-devel-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-debug-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-debug-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-debug-debuginfo-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-debug-debuginfo-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-debug-devel-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-debug-devel-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-debuginfo-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-debuginfo-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-debuginfo-common-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-debuginfo-common-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-devel-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-devel-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-doc-0:2.6.18-348.34.2.el5.noarch",
"5Server-5.9.AUS:kernel-headers-0:2.6.18-348.34.2.el5.i386",
"5Server-5.9.AUS:kernel-headers-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-xen-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-xen-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-xen-debuginfo-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-xen-debuginfo-0:2.6.18-348.34.2.el5.x86_64",
"5Server-5.9.AUS:kernel-xen-devel-0:2.6.18-348.34.2.el5.i686",
"5Server-5.9.AUS:kernel-xen-devel-0:2.6.18-348.34.2.el5.x86_64"
]
}
],
"threats": [
{
"category": "exploit_status",
"date": "2024-09-09T00:00:00+00:00",
"details": "CISA: https://www.cisa.gov/known-exploited-vulnerabilities-catalog"
},
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary"
}
]
}
SUSE-SU-2017:2723-1
Vulnerability from csaf_suse - Published: 2017-10-13 09:51 - Updated: 2017-10-13 09:51Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 11 SP4 kernel was updated to fix the following issues:
- Stack corruption could have lead to local privilege escalation
(bsc#1059525, CVE-2017-1000253).
Patchnames: sdksp4-kernel-13312,slessp4-kernel-13312,slexsp3-kernel-13312
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.4 (High)
Affected products
Recommended
125 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.13.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.13.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.13.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.13.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.13.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.13.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.13.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.13.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.13.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.13.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.13.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.13.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.13.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.13.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.13.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.13.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.13.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.13.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.13.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.13.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.13.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.13.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.13.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.13.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.13.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.13.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.13.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.13.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.13.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.13.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.13.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.13.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.13.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.13.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.13.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.13.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.13.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.13.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.13.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.13.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.13.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.13.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.13.1.ia64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.13.1.ppc64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.13.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.13.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.13.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.13.2.noarch | — |
Vendor Fix
|
Threats
Impact
moderate
References
15 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 11 SP4 kernel was updated to fix the following issues:\n\n- Stack corruption could have lead to local privilege escalation\n (bsc#1059525, CVE-2017-1000253).\n ",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sdksp4-kernel-13312,slessp4-kernel-13312,slexsp3-kernel-13312",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2723-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:2723-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172723-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:2723-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-October/003296.html"
},
{
"category": "self",
"summary": "SUSE Bug 1059525",
"url": "https://bugzilla.suse.com/1059525"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-1000253 page",
"url": "https://www.suse.com/security/cve/CVE-2017-1000253/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2017-10-13T09:51:47Z",
"generator": {
"date": "2017-10-13T09:51:47Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:2723-1",
"initial_release_date": "2017-10-13T09:51:47Z",
"revision_history": [
{
"date": "2017-10-13T09:51:47Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.0.101-108.13.1.i586",
"product": {
"name": "kernel-default-3.0.101-108.13.1.i586",
"product_id": "kernel-default-3.0.101-108.13.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.0.101-108.13.1.i586",
"product": {
"name": "kernel-default-base-3.0.101-108.13.1.i586",
"product_id": "kernel-default-base-3.0.101-108.13.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.0.101-108.13.1.i586",
"product": {
"name": "kernel-default-devel-3.0.101-108.13.1.i586",
"product_id": "kernel-default-devel-3.0.101-108.13.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-3.0.101-108.13.1.i586",
"product": {
"name": "kernel-ec2-3.0.101-108.13.1.i586",
"product_id": "kernel-ec2-3.0.101-108.13.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-base-3.0.101-108.13.1.i586",
"product": {
"name": "kernel-ec2-base-3.0.101-108.13.1.i586",
"product_id": "kernel-ec2-base-3.0.101-108.13.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-devel-3.0.101-108.13.1.i586",
"product": {
"name": "kernel-ec2-devel-3.0.101-108.13.1.i586",
"product_id": "kernel-ec2-devel-3.0.101-108.13.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-3.0.101-108.13.1.i586",
"product": {
"name": "kernel-pae-3.0.101-108.13.1.i586",
"product_id": "kernel-pae-3.0.101-108.13.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-base-3.0.101-108.13.1.i586",
"product": {
"name": "kernel-pae-base-3.0.101-108.13.1.i586",
"product_id": "kernel-pae-base-3.0.101-108.13.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-devel-3.0.101-108.13.1.i586",
"product": {
"name": "kernel-pae-devel-3.0.101-108.13.1.i586",
"product_id": "kernel-pae-devel-3.0.101-108.13.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.13.1.i586",
"product": {
"name": "kernel-source-3.0.101-108.13.1.i586",
"product_id": "kernel-source-3.0.101-108.13.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.0.101-108.13.1.i586",
"product": {
"name": "kernel-syms-3.0.101-108.13.1.i586",
"product_id": "kernel-syms-3.0.101-108.13.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-3.0.101-108.13.1.i586",
"product": {
"name": "kernel-trace-3.0.101-108.13.1.i586",
"product_id": "kernel-trace-3.0.101-108.13.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-base-3.0.101-108.13.1.i586",
"product": {
"name": "kernel-trace-base-3.0.101-108.13.1.i586",
"product_id": "kernel-trace-base-3.0.101-108.13.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-devel-3.0.101-108.13.1.i586",
"product": {
"name": "kernel-trace-devel-3.0.101-108.13.1.i586",
"product_id": "kernel-trace-devel-3.0.101-108.13.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.0.101-108.13.1.i586",
"product": {
"name": "kernel-xen-3.0.101-108.13.1.i586",
"product_id": "kernel-xen-3.0.101-108.13.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.0.101-108.13.1.i586",
"product": {
"name": "kernel-xen-base-3.0.101-108.13.1.i586",
"product_id": "kernel-xen-base-3.0.101-108.13.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.0.101-108.13.1.i586",
"product": {
"name": "kernel-xen-devel-3.0.101-108.13.1.i586",
"product_id": "kernel-xen-devel-3.0.101-108.13.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.0.101-108.13.1.ia64",
"product": {
"name": "kernel-default-3.0.101-108.13.1.ia64",
"product_id": "kernel-default-3.0.101-108.13.1.ia64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.0.101-108.13.1.ia64",
"product": {
"name": "kernel-default-base-3.0.101-108.13.1.ia64",
"product_id": "kernel-default-base-3.0.101-108.13.1.ia64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.0.101-108.13.1.ia64",
"product": {
"name": "kernel-default-devel-3.0.101-108.13.1.ia64",
"product_id": "kernel-default-devel-3.0.101-108.13.1.ia64"
}
},
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.13.1.ia64",
"product": {
"name": "kernel-source-3.0.101-108.13.1.ia64",
"product_id": "kernel-source-3.0.101-108.13.1.ia64"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.0.101-108.13.1.ia64",
"product": {
"name": "kernel-syms-3.0.101-108.13.1.ia64",
"product_id": "kernel-syms-3.0.101-108.13.1.ia64"
}
},
{
"category": "product_version",
"name": "kernel-trace-3.0.101-108.13.1.ia64",
"product": {
"name": "kernel-trace-3.0.101-108.13.1.ia64",
"product_id": "kernel-trace-3.0.101-108.13.1.ia64"
}
},
{
"category": "product_version",
"name": "kernel-trace-base-3.0.101-108.13.1.ia64",
"product": {
"name": "kernel-trace-base-3.0.101-108.13.1.ia64",
"product_id": "kernel-trace-base-3.0.101-108.13.1.ia64"
}
},
{
"category": "product_version",
"name": "kernel-trace-devel-3.0.101-108.13.1.ia64",
"product": {
"name": "kernel-trace-devel-3.0.101-108.13.1.ia64",
"product_id": "kernel-trace-devel-3.0.101-108.13.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-docs-3.0.101-108.13.2.noarch",
"product": {
"name": "kernel-docs-3.0.101-108.13.2.noarch",
"product_id": "kernel-docs-3.0.101-108.13.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-bigmem-3.0.101-108.13.1.ppc64",
"product": {
"name": "kernel-bigmem-3.0.101-108.13.1.ppc64",
"product_id": "kernel-bigmem-3.0.101-108.13.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-bigmem-base-3.0.101-108.13.1.ppc64",
"product": {
"name": "kernel-bigmem-base-3.0.101-108.13.1.ppc64",
"product_id": "kernel-bigmem-base-3.0.101-108.13.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-bigmem-devel-3.0.101-108.13.1.ppc64",
"product": {
"name": "kernel-bigmem-devel-3.0.101-108.13.1.ppc64",
"product_id": "kernel-bigmem-devel-3.0.101-108.13.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-default-3.0.101-108.13.1.ppc64",
"product": {
"name": "kernel-default-3.0.101-108.13.1.ppc64",
"product_id": "kernel-default-3.0.101-108.13.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.0.101-108.13.1.ppc64",
"product": {
"name": "kernel-default-base-3.0.101-108.13.1.ppc64",
"product_id": "kernel-default-base-3.0.101-108.13.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.0.101-108.13.1.ppc64",
"product": {
"name": "kernel-default-devel-3.0.101-108.13.1.ppc64",
"product_id": "kernel-default-devel-3.0.101-108.13.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-ppc64-3.0.101-108.13.1.ppc64",
"product": {
"name": "kernel-ppc64-3.0.101-108.13.1.ppc64",
"product_id": "kernel-ppc64-3.0.101-108.13.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-ppc64-base-3.0.101-108.13.1.ppc64",
"product": {
"name": "kernel-ppc64-base-3.0.101-108.13.1.ppc64",
"product_id": "kernel-ppc64-base-3.0.101-108.13.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-ppc64-devel-3.0.101-108.13.1.ppc64",
"product": {
"name": "kernel-ppc64-devel-3.0.101-108.13.1.ppc64",
"product_id": "kernel-ppc64-devel-3.0.101-108.13.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.13.1.ppc64",
"product": {
"name": "kernel-source-3.0.101-108.13.1.ppc64",
"product_id": "kernel-source-3.0.101-108.13.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.0.101-108.13.1.ppc64",
"product": {
"name": "kernel-syms-3.0.101-108.13.1.ppc64",
"product_id": "kernel-syms-3.0.101-108.13.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-trace-3.0.101-108.13.1.ppc64",
"product": {
"name": "kernel-trace-3.0.101-108.13.1.ppc64",
"product_id": "kernel-trace-3.0.101-108.13.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-trace-base-3.0.101-108.13.1.ppc64",
"product": {
"name": "kernel-trace-base-3.0.101-108.13.1.ppc64",
"product_id": "kernel-trace-base-3.0.101-108.13.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-trace-devel-3.0.101-108.13.1.ppc64",
"product": {
"name": "kernel-trace-devel-3.0.101-108.13.1.ppc64",
"product_id": "kernel-trace-devel-3.0.101-108.13.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.0.101-108.13.1.s390x",
"product": {
"name": "kernel-default-3.0.101-108.13.1.s390x",
"product_id": "kernel-default-3.0.101-108.13.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.0.101-108.13.1.s390x",
"product": {
"name": "kernel-default-base-3.0.101-108.13.1.s390x",
"product_id": "kernel-default-base-3.0.101-108.13.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.0.101-108.13.1.s390x",
"product": {
"name": "kernel-default-devel-3.0.101-108.13.1.s390x",
"product_id": "kernel-default-devel-3.0.101-108.13.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-3.0.101-108.13.1.s390x",
"product": {
"name": "kernel-default-man-3.0.101-108.13.1.s390x",
"product_id": "kernel-default-man-3.0.101-108.13.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.13.1.s390x",
"product": {
"name": "kernel-source-3.0.101-108.13.1.s390x",
"product_id": "kernel-source-3.0.101-108.13.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.0.101-108.13.1.s390x",
"product": {
"name": "kernel-syms-3.0.101-108.13.1.s390x",
"product_id": "kernel-syms-3.0.101-108.13.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-trace-3.0.101-108.13.1.s390x",
"product": {
"name": "kernel-trace-3.0.101-108.13.1.s390x",
"product_id": "kernel-trace-3.0.101-108.13.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-trace-base-3.0.101-108.13.1.s390x",
"product": {
"name": "kernel-trace-base-3.0.101-108.13.1.s390x",
"product_id": "kernel-trace-base-3.0.101-108.13.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-trace-devel-3.0.101-108.13.1.s390x",
"product": {
"name": "kernel-trace-devel-3.0.101-108.13.1.s390x",
"product_id": "kernel-trace-devel-3.0.101-108.13.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.0.101-108.13.1.x86_64",
"product": {
"name": "kernel-default-3.0.101-108.13.1.x86_64",
"product_id": "kernel-default-3.0.101-108.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.0.101-108.13.1.x86_64",
"product": {
"name": "kernel-default-base-3.0.101-108.13.1.x86_64",
"product_id": "kernel-default-base-3.0.101-108.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.0.101-108.13.1.x86_64",
"product": {
"name": "kernel-default-devel-3.0.101-108.13.1.x86_64",
"product_id": "kernel-default-devel-3.0.101-108.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-3.0.101-108.13.1.x86_64",
"product": {
"name": "kernel-ec2-3.0.101-108.13.1.x86_64",
"product_id": "kernel-ec2-3.0.101-108.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-base-3.0.101-108.13.1.x86_64",
"product": {
"name": "kernel-ec2-base-3.0.101-108.13.1.x86_64",
"product_id": "kernel-ec2-base-3.0.101-108.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-devel-3.0.101-108.13.1.x86_64",
"product": {
"name": "kernel-ec2-devel-3.0.101-108.13.1.x86_64",
"product_id": "kernel-ec2-devel-3.0.101-108.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.13.1.x86_64",
"product": {
"name": "kernel-source-3.0.101-108.13.1.x86_64",
"product_id": "kernel-source-3.0.101-108.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.0.101-108.13.1.x86_64",
"product": {
"name": "kernel-syms-3.0.101-108.13.1.x86_64",
"product_id": "kernel-syms-3.0.101-108.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-3.0.101-108.13.1.x86_64",
"product": {
"name": "kernel-trace-3.0.101-108.13.1.x86_64",
"product_id": "kernel-trace-3.0.101-108.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-base-3.0.101-108.13.1.x86_64",
"product": {
"name": "kernel-trace-base-3.0.101-108.13.1.x86_64",
"product_id": "kernel-trace-base-3.0.101-108.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-devel-3.0.101-108.13.1.x86_64",
"product": {
"name": "kernel-trace-devel-3.0.101-108.13.1.x86_64",
"product_id": "kernel-trace-devel-3.0.101-108.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.0.101-108.13.1.x86_64",
"product": {
"name": "kernel-xen-3.0.101-108.13.1.x86_64",
"product_id": "kernel-xen-3.0.101-108.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.0.101-108.13.1.x86_64",
"product": {
"name": "kernel-xen-base-3.0.101-108.13.1.x86_64",
"product_id": "kernel-xen-base-3.0.101-108.13.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.0.101-108.13.1.x86_64",
"product": {
"name": "kernel-xen-devel-3.0.101-108.13.1.x86_64",
"product_id": "kernel-xen-devel-3.0.101-108.13.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/a:suse:sle-sdk:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-3.0.101-108.13.2.noarch as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.13.2.noarch"
},
"product_reference": "kernel-docs-3.0.101-108.13.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-bigmem-3.0.101-108.13.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.13.1.ppc64"
},
"product_reference": "kernel-bigmem-3.0.101-108.13.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-bigmem-base-3.0.101-108.13.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.13.1.ppc64"
},
"product_reference": "kernel-bigmem-base-3.0.101-108.13.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-bigmem-devel-3.0.101-108.13.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.13.1.ppc64"
},
"product_reference": "kernel-bigmem-devel-3.0.101-108.13.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-default-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-108.13.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.13.1.ia64"
},
"product_reference": "kernel-default-3.0.101-108.13.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-108.13.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.13.1.ppc64"
},
"product_reference": "kernel-default-3.0.101-108.13.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-108.13.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.13.1.s390x"
},
"product_reference": "kernel-default-3.0.101-108.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-108.13.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.13.1.x86_64"
},
"product_reference": "kernel-default-3.0.101-108.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-default-base-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-108.13.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.13.1.ia64"
},
"product_reference": "kernel-default-base-3.0.101-108.13.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-108.13.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.13.1.ppc64"
},
"product_reference": "kernel-default-base-3.0.101-108.13.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-108.13.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.13.1.s390x"
},
"product_reference": "kernel-default-base-3.0.101-108.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-108.13.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.13.1.x86_64"
},
"product_reference": "kernel-default-base-3.0.101-108.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-default-devel-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-108.13.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.13.1.ia64"
},
"product_reference": "kernel-default-devel-3.0.101-108.13.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-108.13.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.13.1.ppc64"
},
"product_reference": "kernel-default-devel-3.0.101-108.13.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-108.13.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.13.1.s390x"
},
"product_reference": "kernel-default-devel-3.0.101-108.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-108.13.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.13.1.x86_64"
},
"product_reference": "kernel-default-devel-3.0.101-108.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-3.0.101-108.13.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.13.1.s390x"
},
"product_reference": "kernel-default-man-3.0.101-108.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-ec2-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-3.0.101-108.13.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.13.1.x86_64"
},
"product_reference": "kernel-ec2-3.0.101-108.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-base-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-ec2-base-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-base-3.0.101-108.13.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.13.1.x86_64"
},
"product_reference": "kernel-ec2-base-3.0.101-108.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-devel-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-ec2-devel-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-devel-3.0.101-108.13.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.13.1.x86_64"
},
"product_reference": "kernel-ec2-devel-3.0.101-108.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-pae-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-pae-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-pae-base-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-pae-base-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-pae-devel-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-pae-devel-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ppc64-3.0.101-108.13.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.13.1.ppc64"
},
"product_reference": "kernel-ppc64-3.0.101-108.13.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ppc64-base-3.0.101-108.13.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.13.1.ppc64"
},
"product_reference": "kernel-ppc64-base-3.0.101-108.13.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ppc64-devel-3.0.101-108.13.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.13.1.ppc64"
},
"product_reference": "kernel-ppc64-devel-3.0.101-108.13.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-source-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-108.13.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.13.1.ia64"
},
"product_reference": "kernel-source-3.0.101-108.13.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-108.13.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.13.1.ppc64"
},
"product_reference": "kernel-source-3.0.101-108.13.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-108.13.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.13.1.s390x"
},
"product_reference": "kernel-source-3.0.101-108.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-108.13.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.13.1.x86_64"
},
"product_reference": "kernel-source-3.0.101-108.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-syms-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-108.13.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.13.1.ia64"
},
"product_reference": "kernel-syms-3.0.101-108.13.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-108.13.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.13.1.ppc64"
},
"product_reference": "kernel-syms-3.0.101-108.13.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-108.13.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.13.1.s390x"
},
"product_reference": "kernel-syms-3.0.101-108.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-108.13.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.13.1.x86_64"
},
"product_reference": "kernel-syms-3.0.101-108.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-trace-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-108.13.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.13.1.ia64"
},
"product_reference": "kernel-trace-3.0.101-108.13.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-108.13.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.13.1.ppc64"
},
"product_reference": "kernel-trace-3.0.101-108.13.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-108.13.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.13.1.s390x"
},
"product_reference": "kernel-trace-3.0.101-108.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-108.13.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.13.1.x86_64"
},
"product_reference": "kernel-trace-3.0.101-108.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-trace-base-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-108.13.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.13.1.ia64"
},
"product_reference": "kernel-trace-base-3.0.101-108.13.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-108.13.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.13.1.ppc64"
},
"product_reference": "kernel-trace-base-3.0.101-108.13.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-108.13.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.13.1.s390x"
},
"product_reference": "kernel-trace-base-3.0.101-108.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-108.13.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.13.1.x86_64"
},
"product_reference": "kernel-trace-base-3.0.101-108.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-trace-devel-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-108.13.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.13.1.ia64"
},
"product_reference": "kernel-trace-devel-3.0.101-108.13.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-108.13.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.13.1.ppc64"
},
"product_reference": "kernel-trace-devel-3.0.101-108.13.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-108.13.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.13.1.s390x"
},
"product_reference": "kernel-trace-devel-3.0.101-108.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-108.13.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.13.1.x86_64"
},
"product_reference": "kernel-trace-devel-3.0.101-108.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-xen-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.0.101-108.13.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.13.1.x86_64"
},
"product_reference": "kernel-xen-3.0.101-108.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-xen-base-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.0.101-108.13.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.13.1.x86_64"
},
"product_reference": "kernel-xen-base-3.0.101-108.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-xen-devel-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.0.101-108.13.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.13.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.0.101-108.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-bigmem-3.0.101-108.13.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.13.1.ppc64"
},
"product_reference": "kernel-bigmem-3.0.101-108.13.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-bigmem-base-3.0.101-108.13.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.13.1.ppc64"
},
"product_reference": "kernel-bigmem-base-3.0.101-108.13.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-bigmem-devel-3.0.101-108.13.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.13.1.ppc64"
},
"product_reference": "kernel-bigmem-devel-3.0.101-108.13.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-default-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-108.13.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.13.1.ia64"
},
"product_reference": "kernel-default-3.0.101-108.13.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-108.13.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.13.1.ppc64"
},
"product_reference": "kernel-default-3.0.101-108.13.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-108.13.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.13.1.s390x"
},
"product_reference": "kernel-default-3.0.101-108.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-108.13.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.13.1.x86_64"
},
"product_reference": "kernel-default-3.0.101-108.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-default-base-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-108.13.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.13.1.ia64"
},
"product_reference": "kernel-default-base-3.0.101-108.13.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-108.13.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.13.1.ppc64"
},
"product_reference": "kernel-default-base-3.0.101-108.13.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-108.13.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.13.1.s390x"
},
"product_reference": "kernel-default-base-3.0.101-108.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-108.13.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.13.1.x86_64"
},
"product_reference": "kernel-default-base-3.0.101-108.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-default-devel-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-108.13.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.13.1.ia64"
},
"product_reference": "kernel-default-devel-3.0.101-108.13.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-108.13.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.13.1.ppc64"
},
"product_reference": "kernel-default-devel-3.0.101-108.13.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-108.13.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.13.1.s390x"
},
"product_reference": "kernel-default-devel-3.0.101-108.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-108.13.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.13.1.x86_64"
},
"product_reference": "kernel-default-devel-3.0.101-108.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-3.0.101-108.13.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.13.1.s390x"
},
"product_reference": "kernel-default-man-3.0.101-108.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-ec2-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-3.0.101-108.13.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.13.1.x86_64"
},
"product_reference": "kernel-ec2-3.0.101-108.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-base-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-ec2-base-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-base-3.0.101-108.13.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.13.1.x86_64"
},
"product_reference": "kernel-ec2-base-3.0.101-108.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-devel-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-ec2-devel-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-devel-3.0.101-108.13.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.13.1.x86_64"
},
"product_reference": "kernel-ec2-devel-3.0.101-108.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-pae-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-pae-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-pae-base-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-pae-base-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-pae-devel-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-pae-devel-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ppc64-3.0.101-108.13.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.13.1.ppc64"
},
"product_reference": "kernel-ppc64-3.0.101-108.13.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ppc64-base-3.0.101-108.13.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.13.1.ppc64"
},
"product_reference": "kernel-ppc64-base-3.0.101-108.13.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ppc64-devel-3.0.101-108.13.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.13.1.ppc64"
},
"product_reference": "kernel-ppc64-devel-3.0.101-108.13.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-source-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-108.13.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.13.1.ia64"
},
"product_reference": "kernel-source-3.0.101-108.13.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-108.13.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.13.1.ppc64"
},
"product_reference": "kernel-source-3.0.101-108.13.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-108.13.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.13.1.s390x"
},
"product_reference": "kernel-source-3.0.101-108.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-108.13.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.13.1.x86_64"
},
"product_reference": "kernel-source-3.0.101-108.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-syms-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-108.13.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.13.1.ia64"
},
"product_reference": "kernel-syms-3.0.101-108.13.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-108.13.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.13.1.ppc64"
},
"product_reference": "kernel-syms-3.0.101-108.13.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-108.13.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.13.1.s390x"
},
"product_reference": "kernel-syms-3.0.101-108.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-108.13.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.13.1.x86_64"
},
"product_reference": "kernel-syms-3.0.101-108.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-trace-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-108.13.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.13.1.ia64"
},
"product_reference": "kernel-trace-3.0.101-108.13.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-108.13.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.13.1.ppc64"
},
"product_reference": "kernel-trace-3.0.101-108.13.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-108.13.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.13.1.s390x"
},
"product_reference": "kernel-trace-3.0.101-108.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-108.13.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.13.1.x86_64"
},
"product_reference": "kernel-trace-3.0.101-108.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-trace-base-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-108.13.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.13.1.ia64"
},
"product_reference": "kernel-trace-base-3.0.101-108.13.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-108.13.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.13.1.ppc64"
},
"product_reference": "kernel-trace-base-3.0.101-108.13.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-108.13.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.13.1.s390x"
},
"product_reference": "kernel-trace-base-3.0.101-108.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-108.13.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.13.1.x86_64"
},
"product_reference": "kernel-trace-base-3.0.101-108.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-trace-devel-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-108.13.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.13.1.ia64"
},
"product_reference": "kernel-trace-devel-3.0.101-108.13.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-108.13.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.13.1.ppc64"
},
"product_reference": "kernel-trace-devel-3.0.101-108.13.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-108.13.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.13.1.s390x"
},
"product_reference": "kernel-trace-devel-3.0.101-108.13.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-108.13.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.13.1.x86_64"
},
"product_reference": "kernel-trace-devel-3.0.101-108.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-xen-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.0.101-108.13.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.13.1.x86_64"
},
"product_reference": "kernel-xen-3.0.101-108.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-xen-base-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.0.101-108.13.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.13.1.x86_64"
},
"product_reference": "kernel-xen-base-3.0.101-108.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.0.101-108.13.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.13.1.i586"
},
"product_reference": "kernel-xen-devel-3.0.101-108.13.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.0.101-108.13.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.13.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.0.101-108.13.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-1000253",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-1000253"
}
],
"notes": [
{
"category": "general",
"text": "Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm-\u003emmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm-\u003emmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm-\u003emmap_base into the are that is supposed to be the \"gap\" between the stack and the binary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.13.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-1000253",
"url": "https://www.suse.com/security/cve/CVE-2017-1000253"
},
{
"category": "external",
"summary": "SUSE Bug 1059525 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1059525"
},
{
"category": "external",
"summary": "SUSE Bug 1061680 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1061680"
},
{
"category": "external",
"summary": "SUSE Bug 1063607 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1063607"
},
{
"category": "external",
"summary": "SUSE Bug 1071943 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1071943"
},
{
"category": "external",
"summary": "SUSE Bug 1072204 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1072204"
},
{
"category": "external",
"summary": "SUSE Bug 1075506 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1075506"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 1149729 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1149729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.13.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-base-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-bigmem-devel-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-base-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-devel-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-default-man-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-base-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ec2-devel-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-pae-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-base-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-ppc64-devel-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-source-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-syms-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-base-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:kernel-trace-devel-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-base-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server 11 SP4:kernel-xen-devel-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-base-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-bigmem-devel-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-base-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-devel-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-default-man-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-base-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ec2-devel-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-pae-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-base-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-ppc64-devel-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-source-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-syms-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-base-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.13.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.13.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.13.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-trace-devel-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-base-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.13.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:kernel-xen-devel-3.0.101-108.13.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:kernel-docs-3.0.101-108.13.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-13T09:51:47Z",
"details": "moderate"
}
],
"title": "CVE-2017-1000253"
}
]
}
SUSE-SU-2017:2725-1
Vulnerability from csaf_suse - Published: 2017-10-13 14:58 - Updated: 2017-10-13 14:58Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 11 SP3 kernel was updated to fix the following issues:
- Stack corruption could have lead to local privilege escalation
(bsc#1059525, CVE-2017-1000253).
Patchnames: sleposp3-kernel-13314,slessp3-kernel-13314,slexsp3-kernel-13314
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.4 (High)
Affected products
Recommended
60 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.8.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.8.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.8.1.i586 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.8.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
15 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 11 SP3 kernel was updated to fix the following issues:\n\n- Stack corruption could have lead to local privilege escalation\n (bsc#1059525, CVE-2017-1000253).\n ",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sleposp3-kernel-13314,slessp3-kernel-13314,slexsp3-kernel-13314",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2725-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:2725-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172725-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:2725-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-October/003297.html"
},
{
"category": "self",
"summary": "SUSE Bug 1059525",
"url": "https://bugzilla.suse.com/1059525"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-1000253 page",
"url": "https://www.suse.com/security/cve/CVE-2017-1000253/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2017-10-13T14:58:02Z",
"generator": {
"date": "2017-10-13T14:58:02Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:2725-1",
"initial_release_date": "2017-10-13T14:58:02Z",
"revision_history": [
{
"date": "2017-10-13T14:58:02Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.0.101-0.47.106.8.1.i586",
"product": {
"name": "kernel-default-3.0.101-0.47.106.8.1.i586",
"product_id": "kernel-default-3.0.101-0.47.106.8.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.0.101-0.47.106.8.1.i586",
"product": {
"name": "kernel-default-base-3.0.101-0.47.106.8.1.i586",
"product_id": "kernel-default-base-3.0.101-0.47.106.8.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.0.101-0.47.106.8.1.i586",
"product": {
"name": "kernel-default-devel-3.0.101-0.47.106.8.1.i586",
"product_id": "kernel-default-devel-3.0.101-0.47.106.8.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-3.0.101-0.47.106.8.1.i586",
"product": {
"name": "kernel-ec2-3.0.101-0.47.106.8.1.i586",
"product_id": "kernel-ec2-3.0.101-0.47.106.8.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-base-3.0.101-0.47.106.8.1.i586",
"product": {
"name": "kernel-ec2-base-3.0.101-0.47.106.8.1.i586",
"product_id": "kernel-ec2-base-3.0.101-0.47.106.8.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-devel-3.0.101-0.47.106.8.1.i586",
"product": {
"name": "kernel-ec2-devel-3.0.101-0.47.106.8.1.i586",
"product_id": "kernel-ec2-devel-3.0.101-0.47.106.8.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-3.0.101-0.47.106.8.1.i586",
"product": {
"name": "kernel-pae-3.0.101-0.47.106.8.1.i586",
"product_id": "kernel-pae-3.0.101-0.47.106.8.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-base-3.0.101-0.47.106.8.1.i586",
"product": {
"name": "kernel-pae-base-3.0.101-0.47.106.8.1.i586",
"product_id": "kernel-pae-base-3.0.101-0.47.106.8.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-devel-3.0.101-0.47.106.8.1.i586",
"product": {
"name": "kernel-pae-devel-3.0.101-0.47.106.8.1.i586",
"product_id": "kernel-pae-devel-3.0.101-0.47.106.8.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-source-3.0.101-0.47.106.8.1.i586",
"product": {
"name": "kernel-source-3.0.101-0.47.106.8.1.i586",
"product_id": "kernel-source-3.0.101-0.47.106.8.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.0.101-0.47.106.8.1.i586",
"product": {
"name": "kernel-syms-3.0.101-0.47.106.8.1.i586",
"product_id": "kernel-syms-3.0.101-0.47.106.8.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-3.0.101-0.47.106.8.1.i586",
"product": {
"name": "kernel-trace-3.0.101-0.47.106.8.1.i586",
"product_id": "kernel-trace-3.0.101-0.47.106.8.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-base-3.0.101-0.47.106.8.1.i586",
"product": {
"name": "kernel-trace-base-3.0.101-0.47.106.8.1.i586",
"product_id": "kernel-trace-base-3.0.101-0.47.106.8.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-devel-3.0.101-0.47.106.8.1.i586",
"product": {
"name": "kernel-trace-devel-3.0.101-0.47.106.8.1.i586",
"product_id": "kernel-trace-devel-3.0.101-0.47.106.8.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.0.101-0.47.106.8.1.i586",
"product": {
"name": "kernel-xen-3.0.101-0.47.106.8.1.i586",
"product_id": "kernel-xen-3.0.101-0.47.106.8.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.0.101-0.47.106.8.1.i586",
"product": {
"name": "kernel-xen-base-3.0.101-0.47.106.8.1.i586",
"product_id": "kernel-xen-base-3.0.101-0.47.106.8.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.0.101-0.47.106.8.1.i586",
"product": {
"name": "kernel-xen-devel-3.0.101-0.47.106.8.1.i586",
"product_id": "kernel-xen-devel-3.0.101-0.47.106.8.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.0.101-0.47.106.8.1.s390x",
"product": {
"name": "kernel-default-3.0.101-0.47.106.8.1.s390x",
"product_id": "kernel-default-3.0.101-0.47.106.8.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.0.101-0.47.106.8.1.s390x",
"product": {
"name": "kernel-default-base-3.0.101-0.47.106.8.1.s390x",
"product_id": "kernel-default-base-3.0.101-0.47.106.8.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.0.101-0.47.106.8.1.s390x",
"product": {
"name": "kernel-default-devel-3.0.101-0.47.106.8.1.s390x",
"product_id": "kernel-default-devel-3.0.101-0.47.106.8.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-3.0.101-0.47.106.8.1.s390x",
"product": {
"name": "kernel-default-man-3.0.101-0.47.106.8.1.s390x",
"product_id": "kernel-default-man-3.0.101-0.47.106.8.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-source-3.0.101-0.47.106.8.1.s390x",
"product": {
"name": "kernel-source-3.0.101-0.47.106.8.1.s390x",
"product_id": "kernel-source-3.0.101-0.47.106.8.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.0.101-0.47.106.8.1.s390x",
"product": {
"name": "kernel-syms-3.0.101-0.47.106.8.1.s390x",
"product_id": "kernel-syms-3.0.101-0.47.106.8.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-trace-3.0.101-0.47.106.8.1.s390x",
"product": {
"name": "kernel-trace-3.0.101-0.47.106.8.1.s390x",
"product_id": "kernel-trace-3.0.101-0.47.106.8.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-trace-base-3.0.101-0.47.106.8.1.s390x",
"product": {
"name": "kernel-trace-base-3.0.101-0.47.106.8.1.s390x",
"product_id": "kernel-trace-base-3.0.101-0.47.106.8.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-trace-devel-3.0.101-0.47.106.8.1.s390x",
"product": {
"name": "kernel-trace-devel-3.0.101-0.47.106.8.1.s390x",
"product_id": "kernel-trace-devel-3.0.101-0.47.106.8.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-bigsmp-3.0.101-0.47.106.8.1.x86_64",
"product": {
"name": "kernel-bigsmp-3.0.101-0.47.106.8.1.x86_64",
"product_id": "kernel-bigsmp-3.0.101-0.47.106.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-bigsmp-base-3.0.101-0.47.106.8.1.x86_64",
"product": {
"name": "kernel-bigsmp-base-3.0.101-0.47.106.8.1.x86_64",
"product_id": "kernel-bigsmp-base-3.0.101-0.47.106.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-bigsmp-devel-3.0.101-0.47.106.8.1.x86_64",
"product": {
"name": "kernel-bigsmp-devel-3.0.101-0.47.106.8.1.x86_64",
"product_id": "kernel-bigsmp-devel-3.0.101-0.47.106.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-3.0.101-0.47.106.8.1.x86_64",
"product": {
"name": "kernel-default-3.0.101-0.47.106.8.1.x86_64",
"product_id": "kernel-default-3.0.101-0.47.106.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.0.101-0.47.106.8.1.x86_64",
"product": {
"name": "kernel-default-base-3.0.101-0.47.106.8.1.x86_64",
"product_id": "kernel-default-base-3.0.101-0.47.106.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.0.101-0.47.106.8.1.x86_64",
"product": {
"name": "kernel-default-devel-3.0.101-0.47.106.8.1.x86_64",
"product_id": "kernel-default-devel-3.0.101-0.47.106.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-3.0.101-0.47.106.8.1.x86_64",
"product": {
"name": "kernel-ec2-3.0.101-0.47.106.8.1.x86_64",
"product_id": "kernel-ec2-3.0.101-0.47.106.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-base-3.0.101-0.47.106.8.1.x86_64",
"product": {
"name": "kernel-ec2-base-3.0.101-0.47.106.8.1.x86_64",
"product_id": "kernel-ec2-base-3.0.101-0.47.106.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-devel-3.0.101-0.47.106.8.1.x86_64",
"product": {
"name": "kernel-ec2-devel-3.0.101-0.47.106.8.1.x86_64",
"product_id": "kernel-ec2-devel-3.0.101-0.47.106.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-source-3.0.101-0.47.106.8.1.x86_64",
"product": {
"name": "kernel-source-3.0.101-0.47.106.8.1.x86_64",
"product_id": "kernel-source-3.0.101-0.47.106.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.0.101-0.47.106.8.1.x86_64",
"product": {
"name": "kernel-syms-3.0.101-0.47.106.8.1.x86_64",
"product_id": "kernel-syms-3.0.101-0.47.106.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-3.0.101-0.47.106.8.1.x86_64",
"product": {
"name": "kernel-trace-3.0.101-0.47.106.8.1.x86_64",
"product_id": "kernel-trace-3.0.101-0.47.106.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-base-3.0.101-0.47.106.8.1.x86_64",
"product": {
"name": "kernel-trace-base-3.0.101-0.47.106.8.1.x86_64",
"product_id": "kernel-trace-base-3.0.101-0.47.106.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-devel-3.0.101-0.47.106.8.1.x86_64",
"product": {
"name": "kernel-trace-devel-3.0.101-0.47.106.8.1.x86_64",
"product_id": "kernel-trace-devel-3.0.101-0.47.106.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.0.101-0.47.106.8.1.x86_64",
"product": {
"name": "kernel-xen-3.0.101-0.47.106.8.1.x86_64",
"product_id": "kernel-xen-3.0.101-0.47.106.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.0.101-0.47.106.8.1.x86_64",
"product": {
"name": "kernel-xen-base-3.0.101-0.47.106.8.1.x86_64",
"product_id": "kernel-xen-base-3.0.101-0.47.106.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.0.101-0.47.106.8.1.x86_64",
"product": {
"name": "kernel-xen-devel-3.0.101-0.47.106.8.1.x86_64",
"product_id": "kernel-xen-devel-3.0.101-0.47.106.8.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-pos:11:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles_ltss:11:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-default-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-default-base-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-default-devel-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-ec2-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-base-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-ec2-base-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-devel-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-ec2-devel-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-pae-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-pae-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-pae-base-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-pae-base-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-pae-devel-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-pae-devel-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-source-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-syms-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-trace-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-trace-base-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-trace-devel-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-xen-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-xen-base-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-xen-devel-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-bigsmp-3.0.101-0.47.106.8.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.8.1.x86_64"
},
"product_reference": "kernel-bigsmp-3.0.101-0.47.106.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-bigsmp-base-3.0.101-0.47.106.8.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.8.1.x86_64"
},
"product_reference": "kernel-bigsmp-base-3.0.101-0.47.106.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-bigsmp-devel-3.0.101-0.47.106.8.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.8.1.x86_64"
},
"product_reference": "kernel-bigsmp-devel-3.0.101-0.47.106.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-default-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-0.47.106.8.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.8.1.s390x"
},
"product_reference": "kernel-default-3.0.101-0.47.106.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-0.47.106.8.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.8.1.x86_64"
},
"product_reference": "kernel-default-3.0.101-0.47.106.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-default-base-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-0.47.106.8.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.8.1.s390x"
},
"product_reference": "kernel-default-base-3.0.101-0.47.106.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-0.47.106.8.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.8.1.x86_64"
},
"product_reference": "kernel-default-base-3.0.101-0.47.106.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-default-devel-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-0.47.106.8.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.8.1.s390x"
},
"product_reference": "kernel-default-devel-3.0.101-0.47.106.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-0.47.106.8.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.8.1.x86_64"
},
"product_reference": "kernel-default-devel-3.0.101-0.47.106.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-3.0.101-0.47.106.8.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.8.1.s390x"
},
"product_reference": "kernel-default-man-3.0.101-0.47.106.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-ec2-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-3.0.101-0.47.106.8.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.8.1.x86_64"
},
"product_reference": "kernel-ec2-3.0.101-0.47.106.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-base-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-ec2-base-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-base-3.0.101-0.47.106.8.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.8.1.x86_64"
},
"product_reference": "kernel-ec2-base-3.0.101-0.47.106.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-devel-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-ec2-devel-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-devel-3.0.101-0.47.106.8.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.8.1.x86_64"
},
"product_reference": "kernel-ec2-devel-3.0.101-0.47.106.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-pae-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-pae-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-pae-base-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-pae-base-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-pae-devel-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-pae-devel-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-source-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-0.47.106.8.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.8.1.s390x"
},
"product_reference": "kernel-source-3.0.101-0.47.106.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-0.47.106.8.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.8.1.x86_64"
},
"product_reference": "kernel-source-3.0.101-0.47.106.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-syms-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-0.47.106.8.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.8.1.s390x"
},
"product_reference": "kernel-syms-3.0.101-0.47.106.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-0.47.106.8.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.8.1.x86_64"
},
"product_reference": "kernel-syms-3.0.101-0.47.106.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-trace-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-0.47.106.8.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.8.1.s390x"
},
"product_reference": "kernel-trace-3.0.101-0.47.106.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-0.47.106.8.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.8.1.x86_64"
},
"product_reference": "kernel-trace-3.0.101-0.47.106.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-trace-base-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-0.47.106.8.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.8.1.s390x"
},
"product_reference": "kernel-trace-base-3.0.101-0.47.106.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-0.47.106.8.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.8.1.x86_64"
},
"product_reference": "kernel-trace-base-3.0.101-0.47.106.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-trace-devel-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-0.47.106.8.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.8.1.s390x"
},
"product_reference": "kernel-trace-devel-3.0.101-0.47.106.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-0.47.106.8.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.8.1.x86_64"
},
"product_reference": "kernel-trace-devel-3.0.101-0.47.106.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-xen-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.0.101-0.47.106.8.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.8.1.x86_64"
},
"product_reference": "kernel-xen-3.0.101-0.47.106.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-xen-base-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.0.101-0.47.106.8.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.8.1.x86_64"
},
"product_reference": "kernel-xen-base-3.0.101-0.47.106.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.0.101-0.47.106.8.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.8.1.i586"
},
"product_reference": "kernel-xen-devel-3.0.101-0.47.106.8.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.0.101-0.47.106.8.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.8.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.0.101-0.47.106.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-1000253",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-1000253"
}
],
"notes": [
{
"category": "general",
"text": "Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm-\u003emmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm-\u003emmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm-\u003emmap_base into the are that is supposed to be the \"gap\" between the stack and the binary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.8.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.8.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.8.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.8.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.8.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.8.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.8.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.8.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.8.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-1000253",
"url": "https://www.suse.com/security/cve/CVE-2017-1000253"
},
{
"category": "external",
"summary": "SUSE Bug 1059525 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1059525"
},
{
"category": "external",
"summary": "SUSE Bug 1061680 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1061680"
},
{
"category": "external",
"summary": "SUSE Bug 1063607 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1063607"
},
{
"category": "external",
"summary": "SUSE Bug 1071943 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1071943"
},
{
"category": "external",
"summary": "SUSE Bug 1072204 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1072204"
},
{
"category": "external",
"summary": "SUSE Bug 1075506 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1075506"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 1149729 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1149729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.8.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.8.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.8.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.8.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.8.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.8.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.8.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.8.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.8.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-default-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-ec2-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-pae-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-source-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-syms-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-trace-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:kernel-xen-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-base-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-bigsmp-devel-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.8.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.8.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-base-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.8.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-devel-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-default-man-3.0.101-0.47.106.8.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-base-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-ec2-devel-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-pae-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.8.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-source-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.8.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-syms-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.8.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.8.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-base-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.8.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-trace-devel-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-base-3.0.101-0.47.106.8.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.8.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:kernel-xen-devel-3.0.101-0.47.106.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-13T14:58:02Z",
"details": "moderate"
}
],
"title": "CVE-2017-1000253"
}
]
}
SUSE-SU-2017:3165-1
Vulnerability from csaf_suse - Published: 2017-11-30 15:59 - Updated: 2017-11-30 15:59Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 11 SP4 Realtime kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2017-13080: Wi-Fi Protected Access (WPA and WPA2) allowed reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients (bnc#1063667).
- CVE-2017-15274: security/keys/keyctl.c in the Linux kernel did not consider the case of a NULL payload in conjunction with a nonzero length value, which allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192 (bnc#1045327).
- CVE-2017-15265: Race condition in the ALSA subsystem in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c (bnc#1062520).
- CVE-2017-14489: The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel allowed local users to cause a denial of service (panic) by leveraging incorrect length validation (bnc#1059051).
- CVE-2017-1000253: Setuid root PIE binaries could still be exploited to gain local root access due missing overlapping memory checking in the ELF loader in the Linux Kernel. (bnc#1059525).
The following non-security bugs were fixed:
- blacklist.conf: blacklist bfedb589252c ('mm: Add a user_ns owner to mm_struct and fix ptrace permission checks') (bnc#1044228)
- bnx2x: prevent crash when accessing PTP with interface down (bsc#1060665).
- drm/mgag200: Fixes for G200eH3. (bnc#1062842)
- fs/binfmt_elf.c:load_elf_binary(): return -EINVAL on zero-length mappings (bnc#1059525).
- getcwd: Close race with d_move called by lustre (bsc#1052593).
- hid: usbhid: Add HID_QUIRK_NOGET for Aten CS-1758 KVM switch (bnc#1022967).
- i40e: Initialize 64-bit statistics TX ring seqcount (bsc#909484 FATE#317397).
- kvm: async_pf: Fix #DF due to inject 'Page not Present' and 'Page Ready' exceptions simultaneously (bsc#1061017).
- kvm: SVM: Add a missing 'break' statement (bsc#1061017).
- lustre: Fix 'getcwd: Close race with d_move called by lustre' for -rt Convert added spin_lock/unlock() of ->d_lock to seqlock variants.
- md/bitmap: disable bitmap_resize for file-backed bitmaps (bsc#1061180).
- netback: coalesce (guest) RX SKBs as needed (bsc#1056504).
- nfs: Remove asserts from the NFS XDR code (bsc#1063544).
- powerpc: Fix the corrupt r3 error during MCE handling (bnc#1056230).
- powerpc: Make sure IPI handlers see data written by IPI senders (bnc#1056230).
- powerpc/xics: Harden xics hypervisor backend (bnc#1056230).
- s390/cpcmd,vmcp: avoid GFP_DMA allocations (bnc#1060245, LTC#159112).
- s390/qdio: avoid reschedule of outbound tasklet once killed (bnc#1063301, LTC#159885).
- s390/topology: alternative topology for topology-less machines (bnc#1060245, LTC#159177).
- s390/topology: enable / disable topology dynamically (bnc#1060245, LTC#159177).
- scsi: qla2xxx: Get mutex lock before checking optrom_state (bsc#1053317).
- scsi: reset wait for IO completion (bsc#996376).
- scsi: zfcp: fix capping of unsuccessful GPN_FT SAN response trace records (bnc#1060245, LTC#158494).
- scsi: zfcp: fix missing trace records for early returns in TMF eh handlers (bnc#1060245, LTC#158494).
- scsi: zfcp: fix passing fsf_req to SCSI trace on TMF to correlate with HBA (bnc#1060245, LTC#158494).
- scsi: zfcp: fix payload with full FCP_RSP IU in SCSI trace records (bnc#1060245, LTC#158494).
- scsi: zfcp: fix queuecommand for scsi_eh commands when DIX enabled (bnc#1060245, LTC#158493).
- scsi: zfcp: trace HBA FSF response by default on dismiss or timedout late response (bnc#1060245, LTC#158494).
- Update config files. (bsc#1057796) The CONFIG_MODULE_SIG_UEFI should be enabled on x86_64/xen architecture because xen can work with shim on x86_64. Enabling the following kernel config to load certificate from db/mok: +CONFIG_MODULE_SIG_BLACKLIST=y +CONFIG_MODULE_SIG_UEFI=y
- virtio_scsi: do not call virtqueue_add_sgs(... GFP_NOIO) holding spinlock (bsc#1036286).
Patchnames: slertesp4-kernel-rt-201711-13355
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.4 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
8.1 (High)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5.5 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5.5 (Medium)
Affected products
Recommended
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.11.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
References
57 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe SUSE Linux Enterprise 11 SP4 Realtime kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2017-13080: Wi-Fi Protected Access (WPA and WPA2) allowed reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients (bnc#1063667).\n- CVE-2017-15274: security/keys/keyctl.c in the Linux kernel did not consider the case of a NULL payload in conjunction with a nonzero length value, which allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192 (bnc#1045327).\n- CVE-2017-15265: Race condition in the ALSA subsystem in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c (bnc#1062520).\n- CVE-2017-14489: The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel allowed local users to cause a denial of service (panic) by leveraging incorrect length validation (bnc#1059051).\n- CVE-2017-1000253: Setuid root PIE binaries could still be exploited to gain local root access due missing overlapping memory checking in the ELF loader in the Linux Kernel. (bnc#1059525).\n\nThe following non-security bugs were fixed:\n\n- blacklist.conf: blacklist bfedb589252c (\u0027mm: Add a user_ns owner to mm_struct and fix ptrace permission checks\u0027) (bnc#1044228)\n- bnx2x: prevent crash when accessing PTP with interface down (bsc#1060665).\n- drm/mgag200: Fixes for G200eH3. (bnc#1062842)\n- fs/binfmt_elf.c:load_elf_binary(): return -EINVAL on zero-length mappings (bnc#1059525).\n- getcwd: Close race with d_move called by lustre (bsc#1052593).\n- hid: usbhid: Add HID_QUIRK_NOGET for Aten CS-1758 KVM switch (bnc#1022967).\n- i40e: Initialize 64-bit statistics TX ring seqcount (bsc#909484 FATE#317397).\n- kvm: async_pf: Fix #DF due to inject \u0027Page not Present\u0027 and \u0027Page Ready\u0027 exceptions simultaneously (bsc#1061017).\n- kvm: SVM: Add a missing \u0027break\u0027 statement (bsc#1061017).\n- lustre: Fix \u0027getcwd: Close race with d_move called by lustre\u0027 for -rt Convert added spin_lock/unlock() of -\u003ed_lock to seqlock variants.\n- md/bitmap: disable bitmap_resize for file-backed bitmaps (bsc#1061180).\n- netback: coalesce (guest) RX SKBs as needed (bsc#1056504).\n- nfs: Remove asserts from the NFS XDR code (bsc#1063544).\n- powerpc: Fix the corrupt r3 error during MCE handling (bnc#1056230).\n- powerpc: Make sure IPI handlers see data written by IPI senders (bnc#1056230).\n- powerpc/xics: Harden xics hypervisor backend (bnc#1056230).\n- s390/cpcmd,vmcp: avoid GFP_DMA allocations (bnc#1060245, LTC#159112).\n- s390/qdio: avoid reschedule of outbound tasklet once killed (bnc#1063301, LTC#159885).\n- s390/topology: alternative topology for topology-less machines (bnc#1060245, LTC#159177).\n- s390/topology: enable / disable topology dynamically (bnc#1060245, LTC#159177).\n- scsi: qla2xxx: Get mutex lock before checking optrom_state (bsc#1053317).\n- scsi: reset wait for IO completion (bsc#996376).\n- scsi: zfcp: fix capping of unsuccessful GPN_FT SAN response trace records (bnc#1060245, LTC#158494).\n- scsi: zfcp: fix missing trace records for early returns in TMF eh handlers (bnc#1060245, LTC#158494).\n- scsi: zfcp: fix passing fsf_req to SCSI trace on TMF to correlate with HBA (bnc#1060245, LTC#158494).\n- scsi: zfcp: fix payload with full FCP_RSP IU in SCSI trace records (bnc#1060245, LTC#158494).\n- scsi: zfcp: fix queuecommand for scsi_eh commands when DIX enabled (bnc#1060245, LTC#158493).\n- scsi: zfcp: trace HBA FSF response by default on dismiss or timedout late response (bnc#1060245, LTC#158494).\n- Update config files. (bsc#1057796) The CONFIG_MODULE_SIG_UEFI should be enabled on x86_64/xen architecture because xen can work with shim on x86_64. Enabling the following kernel config to load certificate from db/mok: +CONFIG_MODULE_SIG_BLACKLIST=y +CONFIG_MODULE_SIG_UEFI=y\n- virtio_scsi: do not call virtqueue_add_sgs(... GFP_NOIO) holding spinlock (bsc#1036286).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "slertesp4-kernel-rt-201711-13355",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_3165-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:3165-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20173165-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:3165-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-November/003459.html"
},
{
"category": "self",
"summary": "SUSE Bug 1022967",
"url": "https://bugzilla.suse.com/1022967"
},
{
"category": "self",
"summary": "SUSE Bug 1036286",
"url": "https://bugzilla.suse.com/1036286"
},
{
"category": "self",
"summary": "SUSE Bug 1044228",
"url": "https://bugzilla.suse.com/1044228"
},
{
"category": "self",
"summary": "SUSE Bug 1045327",
"url": "https://bugzilla.suse.com/1045327"
},
{
"category": "self",
"summary": "SUSE Bug 1052593",
"url": "https://bugzilla.suse.com/1052593"
},
{
"category": "self",
"summary": "SUSE Bug 1053317",
"url": "https://bugzilla.suse.com/1053317"
},
{
"category": "self",
"summary": "SUSE Bug 1056230",
"url": "https://bugzilla.suse.com/1056230"
},
{
"category": "self",
"summary": "SUSE Bug 1056504",
"url": "https://bugzilla.suse.com/1056504"
},
{
"category": "self",
"summary": "SUSE Bug 1057796",
"url": "https://bugzilla.suse.com/1057796"
},
{
"category": "self",
"summary": "SUSE Bug 1059051",
"url": "https://bugzilla.suse.com/1059051"
},
{
"category": "self",
"summary": "SUSE Bug 1059525",
"url": "https://bugzilla.suse.com/1059525"
},
{
"category": "self",
"summary": "SUSE Bug 1060245",
"url": "https://bugzilla.suse.com/1060245"
},
{
"category": "self",
"summary": "SUSE Bug 1060665",
"url": "https://bugzilla.suse.com/1060665"
},
{
"category": "self",
"summary": "SUSE Bug 1061017",
"url": "https://bugzilla.suse.com/1061017"
},
{
"category": "self",
"summary": "SUSE Bug 1061180",
"url": "https://bugzilla.suse.com/1061180"
},
{
"category": "self",
"summary": "SUSE Bug 1062520",
"url": "https://bugzilla.suse.com/1062520"
},
{
"category": "self",
"summary": "SUSE Bug 1062842",
"url": "https://bugzilla.suse.com/1062842"
},
{
"category": "self",
"summary": "SUSE Bug 1063301",
"url": "https://bugzilla.suse.com/1063301"
},
{
"category": "self",
"summary": "SUSE Bug 1063544",
"url": "https://bugzilla.suse.com/1063544"
},
{
"category": "self",
"summary": "SUSE Bug 1063667",
"url": "https://bugzilla.suse.com/1063667"
},
{
"category": "self",
"summary": "SUSE Bug 909484",
"url": "https://bugzilla.suse.com/909484"
},
{
"category": "self",
"summary": "SUSE Bug 996376",
"url": "https://bugzilla.suse.com/996376"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-1000253 page",
"url": "https://www.suse.com/security/cve/CVE-2017-1000253/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13080 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-14489 page",
"url": "https://www.suse.com/security/cve/CVE-2017-14489/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-15265 page",
"url": "https://www.suse.com/security/cve/CVE-2017-15265/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-15274 page",
"url": "https://www.suse.com/security/cve/CVE-2017-15274/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2017-11-30T15:59:50Z",
"generator": {
"date": "2017-11-30T15:59:50Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:3165-1",
"initial_release_date": "2017-11-30T15:59:50Z",
"revision_history": [
{
"date": "2017-11-30T15:59:50Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-3.0.101.rt130-69.11.1.x86_64",
"product": {
"name": "kernel-rt-3.0.101.rt130-69.11.1.x86_64",
"product_id": "kernel-rt-3.0.101.rt130-69.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-base-3.0.101.rt130-69.11.1.x86_64",
"product": {
"name": "kernel-rt-base-3.0.101.rt130-69.11.1.x86_64",
"product_id": "kernel-rt-base-3.0.101.rt130-69.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-devel-3.0.101.rt130-69.11.1.x86_64",
"product": {
"name": "kernel-rt-devel-3.0.101.rt130-69.11.1.x86_64",
"product_id": "kernel-rt-devel-3.0.101.rt130-69.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_trace-3.0.101.rt130-69.11.1.x86_64",
"product": {
"name": "kernel-rt_trace-3.0.101.rt130-69.11.1.x86_64",
"product_id": "kernel-rt_trace-3.0.101.rt130-69.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_trace-base-3.0.101.rt130-69.11.1.x86_64",
"product": {
"name": "kernel-rt_trace-base-3.0.101.rt130-69.11.1.x86_64",
"product_id": "kernel-rt_trace-base-3.0.101.rt130-69.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt_trace-devel-3.0.101.rt130-69.11.1.x86_64",
"product": {
"name": "kernel-rt_trace-devel-3.0.101.rt130-69.11.1.x86_64",
"product_id": "kernel-rt_trace-devel-3.0.101.rt130-69.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-3.0.101.rt130-69.11.1.x86_64",
"product": {
"name": "kernel-source-rt-3.0.101.rt130-69.11.1.x86_64",
"product_id": "kernel-source-rt-3.0.101.rt130-69.11.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-rt-3.0.101.rt130-69.11.1.x86_64",
"product": {
"name": "kernel-syms-rt-3.0.101.rt130-69.11.1.x86_64",
"product_id": "kernel-syms-rt-3.0.101.rt130-69.11.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Real Time 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/a:suse:suse-linux-enterprise-rt:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-3.0.101.rt130-69.11.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.11.1.x86_64"
},
"product_reference": "kernel-rt-3.0.101.rt130-69.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-base-3.0.101.rt130-69.11.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.11.1.x86_64"
},
"product_reference": "kernel-rt-base-3.0.101.rt130-69.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-devel-3.0.101.rt130-69.11.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.11.1.x86_64"
},
"product_reference": "kernel-rt-devel-3.0.101.rt130-69.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_trace-3.0.101.rt130-69.11.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.11.1.x86_64"
},
"product_reference": "kernel-rt_trace-3.0.101.rt130-69.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_trace-base-3.0.101.rt130-69.11.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.11.1.x86_64"
},
"product_reference": "kernel-rt_trace-base-3.0.101.rt130-69.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt_trace-devel-3.0.101.rt130-69.11.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.11.1.x86_64"
},
"product_reference": "kernel-rt_trace-devel-3.0.101.rt130-69.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-3.0.101.rt130-69.11.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.11.1.x86_64"
},
"product_reference": "kernel-source-rt-3.0.101.rt130-69.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-rt-3.0.101.rt130-69.11.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
"product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.11.1.x86_64"
},
"product_reference": "kernel-syms-rt-3.0.101.rt130-69.11.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-1000253",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-1000253"
}
],
"notes": [
{
"category": "general",
"text": "Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm-\u003emmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm-\u003emmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm-\u003emmap_base into the are that is supposed to be the \"gap\" between the stack and the binary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-1000253",
"url": "https://www.suse.com/security/cve/CVE-2017-1000253"
},
{
"category": "external",
"summary": "SUSE Bug 1059525 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1059525"
},
{
"category": "external",
"summary": "SUSE Bug 1061680 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1061680"
},
{
"category": "external",
"summary": "SUSE Bug 1063607 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1063607"
},
{
"category": "external",
"summary": "SUSE Bug 1071943 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1071943"
},
{
"category": "external",
"summary": "SUSE Bug 1072204 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1072204"
},
{
"category": "external",
"summary": "SUSE Bug 1075506 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1075506"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 1149729 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1149729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-30T15:59:50Z",
"details": "moderate"
}
],
"title": "CVE-2017-1000253"
},
{
"cve": "CVE-2017-13080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13080"
}
],
"notes": [
{
"category": "general",
"text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13080",
"url": "https://www.suse.com/security/cve/CVE-2017-13080"
},
{
"category": "external",
"summary": "SUSE Bug 1056061 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1056061"
},
{
"category": "external",
"summary": "SUSE Bug 1063479 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063479"
},
{
"category": "external",
"summary": "SUSE Bug 1063667 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063667"
},
{
"category": "external",
"summary": "SUSE Bug 1063671 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063671"
},
{
"category": "external",
"summary": "SUSE Bug 1066295 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1066295"
},
{
"category": "external",
"summary": "SUSE Bug 1105108 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1105108"
},
{
"category": "external",
"summary": "SUSE Bug 1178872 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1178872"
},
{
"category": "external",
"summary": "SUSE Bug 1179588 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1179588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-30T15:59:50Z",
"details": "moderate"
}
],
"title": "CVE-2017-13080"
},
{
"cve": "CVE-2017-14489",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-14489"
}
],
"notes": [
{
"category": "general",
"text": "The iscsi_if_rx function in drivers/scsi/scsi_transport_iscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service (panic) by leveraging incorrect length validation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-14489",
"url": "https://www.suse.com/security/cve/CVE-2017-14489"
},
{
"category": "external",
"summary": "SUSE Bug 1059051 for CVE-2017-14489",
"url": "https://bugzilla.suse.com/1059051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-30T15:59:50Z",
"details": "low"
}
],
"title": "CVE-2017-14489"
},
{
"cve": "CVE-2017-15265",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-15265"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-15265",
"url": "https://www.suse.com/security/cve/CVE-2017-15265"
},
{
"category": "external",
"summary": "SUSE Bug 1062520 for CVE-2017-15265",
"url": "https://bugzilla.suse.com/1062520"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-15265",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-30T15:59:50Z",
"details": "low"
}
],
"title": "CVE-2017-15265"
},
{
"cve": "CVE-2017-15274",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-15274"
}
],
"notes": [
{
"category": "general",
"text": "security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.11.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-15274",
"url": "https://www.suse.com/security/cve/CVE-2017-15274"
},
{
"category": "external",
"summary": "SUSE Bug 1045327 for CVE-2017-15274",
"url": "https://bugzilla.suse.com/1045327"
},
{
"category": "external",
"summary": "SUSE Bug 1062471 for CVE-2017-15274",
"url": "https://bugzilla.suse.com/1062471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.11.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.11.1.x86_64",
"SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.11.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-30T15:59:50Z",
"details": "low"
}
],
"title": "CVE-2017-15274"
}
]
}
SUSE-SU-2025:0152-1
Vulnerability from csaf_suse - Published: 2025-01-17 09:13 - Updated: 2025-01-17 09:13Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.
The following security bugs were fixed:
- CVE-2017-14051: scsi/qla2xxx: Fix an integer overflow in sysfs code. (bsc#1056588)
- CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853).
- CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846).
- CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891).
- CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054).
- CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963).
- CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073).
- CVE-2024-56598: jfs: array-index-out-of-bounds fix in dtReadFirst (bsc#1235220).
- CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056).
- CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061).
- CVE-2024-56619: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (bsc#1235224).
The following non-security bugs were fixed:
- Enable CONFIG_FIRMWARE_SIG ()
- r8169: check ALDPS bit and disable it if enabled for the 8168g (bnc#845352).
- rpm/kernel-binary.spec.in: Remove obsolete ext4-writeable. Needs to be handled differently. (bnc#830822)
Patchnames: SUSE-2025-152,SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2025-152
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.4 (High)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.4 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4.7 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.7 (Medium)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
91 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2017-14051: scsi/qla2xxx: Fix an integer overflow in sysfs code. (bsc#1056588)\n- CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853).\n- CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846).\n- CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891).\n- CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054).\n- CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963).\n- CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073).\n- CVE-2024-56598: jfs: array-index-out-of-bounds fix in dtReadFirst (bsc#1235220).\n- CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056).\n- CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061).\n- CVE-2024-56619: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (bsc#1235224).\n\nThe following non-security bugs were fixed:\n\n- Enable CONFIG_FIRMWARE_SIG ()\n- r8169: check ALDPS bit and disable it if enabled for the 8168g (bnc#845352).\n- rpm/kernel-binary.spec.in: Remove obsolete ext4-writeable. Needs to be handled differently. (bnc#830822)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2025-152,SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2025-152",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0152-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2025:0152-1",
"url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250152-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2025:0152-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020152.html"
},
{
"category": "self",
"summary": "SUSE Bug 1027565",
"url": "https://bugzilla.suse.com/1027565"
},
{
"category": "self",
"summary": "SUSE Bug 1056588",
"url": "https://bugzilla.suse.com/1056588"
},
{
"category": "self",
"summary": "SUSE Bug 1059525",
"url": "https://bugzilla.suse.com/1059525"
},
{
"category": "self",
"summary": "SUSE Bug 1202346",
"url": "https://bugzilla.suse.com/1202346"
},
{
"category": "self",
"summary": "SUSE Bug 1227985",
"url": "https://bugzilla.suse.com/1227985"
},
{
"category": "self",
"summary": "SUSE Bug 1234846",
"url": "https://bugzilla.suse.com/1234846"
},
{
"category": "self",
"summary": "SUSE Bug 1234853",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "self",
"summary": "SUSE Bug 1234891",
"url": "https://bugzilla.suse.com/1234891"
},
{
"category": "self",
"summary": "SUSE Bug 1234963",
"url": "https://bugzilla.suse.com/1234963"
},
{
"category": "self",
"summary": "SUSE Bug 1235054",
"url": "https://bugzilla.suse.com/1235054"
},
{
"category": "self",
"summary": "SUSE Bug 1235056",
"url": "https://bugzilla.suse.com/1235056"
},
{
"category": "self",
"summary": "SUSE Bug 1235061",
"url": "https://bugzilla.suse.com/1235061"
},
{
"category": "self",
"summary": "SUSE Bug 1235073",
"url": "https://bugzilla.suse.com/1235073"
},
{
"category": "self",
"summary": "SUSE Bug 1235220",
"url": "https://bugzilla.suse.com/1235220"
},
{
"category": "self",
"summary": "SUSE Bug 1235224",
"url": "https://bugzilla.suse.com/1235224"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-1000253 page",
"url": "https://www.suse.com/security/cve/CVE-2017-1000253/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-14051 page",
"url": "https://www.suse.com/security/cve/CVE-2017-14051/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-2636 page",
"url": "https://www.suse.com/security/cve/CVE-2017-2636/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-20368 page",
"url": "https://www.suse.com/security/cve/CVE-2022-20368/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-48839 page",
"url": "https://www.suse.com/security/cve/CVE-2022-48839/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53146 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53146/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53156 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53173 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53173/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-53239 page",
"url": "https://www.suse.com/security/cve/CVE-2024-53239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56539 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56539/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56548 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56548/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56598 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56598/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56604 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56604/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56605 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56605/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-56619 page",
"url": "https://www.suse.com/security/cve/CVE-2024-56619/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2025-01-17T09:13:58Z",
"generator": {
"date": "2025-01-17T09:13:58Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2025:0152-1",
"initial_release_date": "2025-01-17T09:13:58Z",
"revision_history": [
{
"date": "2025-01-17T09:13:58Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-debug-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-debug-3.0.101-108.174.1.i586",
"product_id": "kernel-debug-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-debug-base-3.0.101-108.174.1.i586",
"product_id": "kernel-debug-base-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-debug-devel-3.0.101-108.174.1.i586",
"product_id": "kernel-debug-devel-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-debug-extra-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-debug-extra-3.0.101-108.174.1.i586",
"product_id": "kernel-debug-extra-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-debug-hmac-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-debug-hmac-3.0.101-108.174.1.i586",
"product_id": "kernel-debug-hmac-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-default-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-default-3.0.101-108.174.1.i586",
"product_id": "kernel-default-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-default-base-3.0.101-108.174.1.i586",
"product_id": "kernel-default-base-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-default-devel-3.0.101-108.174.1.i586",
"product_id": "kernel-default-devel-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-default-extra-3.0.101-108.174.1.i586",
"product_id": "kernel-default-extra-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-default-hmac-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-default-hmac-3.0.101-108.174.1.i586",
"product_id": "kernel-default-hmac-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-ec2-3.0.101-108.174.1.i586",
"product_id": "kernel-ec2-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-base-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-ec2-base-3.0.101-108.174.1.i586",
"product_id": "kernel-ec2-base-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-devel-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-ec2-devel-3.0.101-108.174.1.i586",
"product_id": "kernel-ec2-devel-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-extra-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-ec2-extra-3.0.101-108.174.1.i586",
"product_id": "kernel-ec2-extra-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-ec2-hmac-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-ec2-hmac-3.0.101-108.174.1.i586",
"product_id": "kernel-ec2-hmac-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-pae-3.0.101-108.174.1.i586",
"product_id": "kernel-pae-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-base-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-pae-base-3.0.101-108.174.1.i586",
"product_id": "kernel-pae-base-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-devel-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-pae-devel-3.0.101-108.174.1.i586",
"product_id": "kernel-pae-devel-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-extra-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-pae-extra-3.0.101-108.174.1.i586",
"product_id": "kernel-pae-extra-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-pae-hmac-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-pae-hmac-3.0.101-108.174.1.i586",
"product_id": "kernel-pae-hmac-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-source-3.0.101-108.174.1.i586",
"product_id": "kernel-source-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-source-vanilla-3.0.101-108.174.1.i586",
"product_id": "kernel-source-vanilla-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-syms-3.0.101-108.174.1.i586",
"product_id": "kernel-syms-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-trace-3.0.101-108.174.1.i586",
"product_id": "kernel-trace-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-base-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-trace-base-3.0.101-108.174.1.i586",
"product_id": "kernel-trace-base-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-devel-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-trace-devel-3.0.101-108.174.1.i586",
"product_id": "kernel-trace-devel-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-extra-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-trace-extra-3.0.101-108.174.1.i586",
"product_id": "kernel-trace-extra-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-trace-hmac-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-trace-hmac-3.0.101-108.174.1.i586",
"product_id": "kernel-trace-hmac-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-vanilla-3.0.101-108.174.1.i586",
"product_id": "kernel-vanilla-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-vanilla-base-3.0.101-108.174.1.i586",
"product_id": "kernel-vanilla-base-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-vanilla-devel-3.0.101-108.174.1.i586",
"product_id": "kernel-vanilla-devel-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-hmac-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-vanilla-hmac-3.0.101-108.174.1.i586",
"product_id": "kernel-vanilla-hmac-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-xen-3.0.101-108.174.1.i586",
"product_id": "kernel-xen-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-xen-base-3.0.101-108.174.1.i586",
"product_id": "kernel-xen-base-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-xen-devel-3.0.101-108.174.1.i586",
"product_id": "kernel-xen-devel-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-extra-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-xen-extra-3.0.101-108.174.1.i586",
"product_id": "kernel-xen-extra-3.0.101-108.174.1.i586"
}
},
{
"category": "product_version",
"name": "kernel-xen-hmac-3.0.101-108.174.1.i586",
"product": {
"name": "kernel-xen-hmac-3.0.101-108.174.1.i586",
"product_id": "kernel-xen-hmac-3.0.101-108.174.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.174.1.ia64",
"product": {
"name": "kernel-source-3.0.101-108.174.1.ia64",
"product_id": "kernel-source-3.0.101-108.174.1.ia64"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-3.0.101-108.174.1.ia64",
"product": {
"name": "kernel-source-vanilla-3.0.101-108.174.1.ia64",
"product_id": "kernel-source-vanilla-3.0.101-108.174.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-docs-3.0.101-108.174.1.noarch",
"product": {
"name": "kernel-docs-3.0.101-108.174.1.noarch",
"product_id": "kernel-docs-3.0.101-108.174.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.174.1.ppc",
"product": {
"name": "kernel-source-3.0.101-108.174.1.ppc",
"product_id": "kernel-source-3.0.101-108.174.1.ppc"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-3.0.101-108.174.1.ppc",
"product": {
"name": "kernel-source-vanilla-3.0.101-108.174.1.ppc",
"product_id": "kernel-source-vanilla-3.0.101-108.174.1.ppc"
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.174.1.ppc64",
"product": {
"name": "kernel-source-3.0.101-108.174.1.ppc64",
"product_id": "kernel-source-3.0.101-108.174.1.ppc64"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-3.0.101-108.174.1.ppc64",
"product": {
"name": "kernel-source-vanilla-3.0.101-108.174.1.ppc64",
"product_id": "kernel-source-vanilla-3.0.101-108.174.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.174.1.s390",
"product": {
"name": "kernel-source-3.0.101-108.174.1.s390",
"product_id": "kernel-source-3.0.101-108.174.1.s390"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-3.0.101-108.174.1.s390",
"product": {
"name": "kernel-source-vanilla-3.0.101-108.174.1.s390",
"product_id": "kernel-source-vanilla-3.0.101-108.174.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.174.1.s390x",
"product": {
"name": "kernel-source-3.0.101-108.174.1.s390x",
"product_id": "kernel-source-3.0.101-108.174.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-3.0.101-108.174.1.s390x",
"product": {
"name": "kernel-source-vanilla-3.0.101-108.174.1.s390x",
"product_id": "kernel-source-vanilla-3.0.101-108.174.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-debug-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-debug-3.0.101-108.174.1.x86_64",
"product_id": "kernel-debug-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-debug-base-3.0.101-108.174.1.x86_64",
"product_id": "kernel-debug-base-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-debug-devel-3.0.101-108.174.1.x86_64",
"product_id": "kernel-debug-devel-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-extra-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-debug-extra-3.0.101-108.174.1.x86_64",
"product_id": "kernel-debug-extra-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-hmac-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-debug-hmac-3.0.101-108.174.1.x86_64",
"product_id": "kernel-debug-hmac-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-default-3.0.101-108.174.1.x86_64",
"product_id": "kernel-default-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-default-base-3.0.101-108.174.1.x86_64",
"product_id": "kernel-default-base-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-default-devel-3.0.101-108.174.1.x86_64",
"product_id": "kernel-default-devel-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-default-extra-3.0.101-108.174.1.x86_64",
"product_id": "kernel-default-extra-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-hmac-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-default-hmac-3.0.101-108.174.1.x86_64",
"product_id": "kernel-default-hmac-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-ec2-3.0.101-108.174.1.x86_64",
"product_id": "kernel-ec2-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-base-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-ec2-base-3.0.101-108.174.1.x86_64",
"product_id": "kernel-ec2-base-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"product_id": "kernel-ec2-devel-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-extra-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-ec2-extra-3.0.101-108.174.1.x86_64",
"product_id": "kernel-ec2-extra-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-hmac-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-ec2-hmac-3.0.101-108.174.1.x86_64",
"product_id": "kernel-ec2-hmac-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-source-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-source-3.0.101-108.174.1.x86_64",
"product_id": "kernel-source-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-source-vanilla-3.0.101-108.174.1.x86_64",
"product_id": "kernel-source-vanilla-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-syms-3.0.101-108.174.1.x86_64",
"product_id": "kernel-syms-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-trace-3.0.101-108.174.1.x86_64",
"product_id": "kernel-trace-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-base-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-trace-base-3.0.101-108.174.1.x86_64",
"product_id": "kernel-trace-base-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-devel-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-trace-devel-3.0.101-108.174.1.x86_64",
"product_id": "kernel-trace-devel-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-extra-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-trace-extra-3.0.101-108.174.1.x86_64",
"product_id": "kernel-trace-extra-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-trace-hmac-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-trace-hmac-3.0.101-108.174.1.x86_64",
"product_id": "kernel-trace-hmac-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-vanilla-3.0.101-108.174.1.x86_64",
"product_id": "kernel-vanilla-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-vanilla-base-3.0.101-108.174.1.x86_64",
"product_id": "kernel-vanilla-base-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-vanilla-devel-3.0.101-108.174.1.x86_64",
"product_id": "kernel-vanilla-devel-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-hmac-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-vanilla-hmac-3.0.101-108.174.1.x86_64",
"product_id": "kernel-vanilla-hmac-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-xen-3.0.101-108.174.1.x86_64",
"product_id": "kernel-xen-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-xen-base-3.0.101-108.174.1.x86_64",
"product_id": "kernel-xen-base-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-xen-devel-3.0.101-108.174.1.x86_64",
"product_id": "kernel-xen-devel-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-extra-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-xen-extra-3.0.101-108.174.1.x86_64",
"product_id": "kernel-xen-extra-3.0.101-108.174.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-hmac-3.0.101-108.174.1.x86_64",
"product": {
"name": "kernel-xen-hmac-3.0.101-108.174.1.x86_64",
"product_id": "kernel-xen-hmac-3.0.101-108.174.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64"
},
"product_reference": "kernel-default-3.0.101-108.174.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64"
},
"product_reference": "kernel-default-base-3.0.101-108.174.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64"
},
"product_reference": "kernel-default-devel-3.0.101-108.174.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64"
},
"product_reference": "kernel-ec2-3.0.101-108.174.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-base-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64"
},
"product_reference": "kernel-ec2-base-3.0.101-108.174.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-devel-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64"
},
"product_reference": "kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64"
},
"product_reference": "kernel-source-3.0.101-108.174.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64"
},
"product_reference": "kernel-syms-3.0.101-108.174.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64"
},
"product_reference": "kernel-trace-3.0.101-108.174.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-base-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64"
},
"product_reference": "kernel-trace-base-3.0.101-108.174.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-trace-devel-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64"
},
"product_reference": "kernel-trace-devel-3.0.101-108.174.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64"
},
"product_reference": "kernel-xen-3.0.101-108.174.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64"
},
"product_reference": "kernel-xen-base-3.0.101-108.174.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
"product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.0.101-108.174.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-1000253",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-1000253"
}
],
"notes": [
{
"category": "general",
"text": "Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm-\u003emmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm-\u003emmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm-\u003emmap_base into the are that is supposed to be the \"gap\" between the stack and the binary.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-1000253",
"url": "https://www.suse.com/security/cve/CVE-2017-1000253"
},
{
"category": "external",
"summary": "SUSE Bug 1059525 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1059525"
},
{
"category": "external",
"summary": "SUSE Bug 1061680 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1061680"
},
{
"category": "external",
"summary": "SUSE Bug 1063607 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1063607"
},
{
"category": "external",
"summary": "SUSE Bug 1071943 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1071943"
},
{
"category": "external",
"summary": "SUSE Bug 1072204 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1072204"
},
{
"category": "external",
"summary": "SUSE Bug 1075506 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1075506"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 1149729 for CVE-2017-1000253",
"url": "https://bugzilla.suse.com/1149729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T09:13:58Z",
"details": "moderate"
}
],
"title": "CVE-2017-1000253"
},
{
"cve": "CVE-2017-14051",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-14051"
}
],
"notes": [
{
"category": "general",
"text": "An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory corruption and system crash) by leveraging root access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-14051",
"url": "https://www.suse.com/security/cve/CVE-2017-14051"
},
{
"category": "external",
"summary": "SUSE Bug 1056588 for CVE-2017-14051",
"url": "https://bugzilla.suse.com/1056588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T09:13:58Z",
"details": "moderate"
}
],
"title": "CVE-2017-14051"
},
{
"cve": "CVE-2017-2636",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-2636"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-2636",
"url": "https://www.suse.com/security/cve/CVE-2017-2636"
},
{
"category": "external",
"summary": "SUSE Bug 1027565 for CVE-2017-2636",
"url": "https://bugzilla.suse.com/1027565"
},
{
"category": "external",
"summary": "SUSE Bug 1027575 for CVE-2017-2636",
"url": "https://bugzilla.suse.com/1027575"
},
{
"category": "external",
"summary": "SUSE Bug 1028372 for CVE-2017-2636",
"url": "https://bugzilla.suse.com/1028372"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-2636",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T09:13:58Z",
"details": "moderate"
}
],
"title": "CVE-2017-2636"
},
{
"cve": "CVE-2022-20368",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-20368"
}
],
"notes": [
{
"category": "general",
"text": "Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-20368",
"url": "https://www.suse.com/security/cve/CVE-2022-20368"
},
{
"category": "external",
"summary": "SUSE Bug 1202346 for CVE-2022-20368",
"url": "https://bugzilla.suse.com/1202346"
},
{
"category": "external",
"summary": "SUSE Bug 1212311 for CVE-2022-20368",
"url": "https://bugzilla.suse.com/1212311"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T09:13:58Z",
"details": "moderate"
}
],
"title": "CVE-2022-20368"
},
{
"cve": "CVE-2022-48839",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-48839"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/packet: fix slab-out-of-bounds access in packet_recvmsg()\n\nsyzbot found that when an AF_PACKET socket is using PACKET_COPY_THRESH\nand mmap operations, tpacket_rcv() is queueing skbs with\ngarbage in skb-\u003ecb[], triggering a too big copy [1]\n\nPresumably, users of af_packet using mmap() already gets correct\nmetadata from the mapped buffer, we can simply make sure\nto clear 12 bytes that might be copied to user space later.\n\nBUG: KASAN: stack-out-of-bounds in memcpy include/linux/fortify-string.h:225 [inline]\nBUG: KASAN: stack-out-of-bounds in packet_recvmsg+0x56c/0x1150 net/packet/af_packet.c:3489\nWrite of size 165 at addr ffffc9000385fb78 by task syz-executor233/3631\n\nCPU: 0 PID: 3631 Comm: syz-executor233 Not tainted 5.17.0-rc7-syzkaller-02396-g0b3660695e80 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\n print_address_description.constprop.0.cold+0xf/0x336 mm/kasan/report.c:255\n __kasan_report mm/kasan/report.c:442 [inline]\n kasan_report.cold+0x83/0xdf mm/kasan/report.c:459\n check_region_inline mm/kasan/generic.c:183 [inline]\n kasan_check_range+0x13d/0x180 mm/kasan/generic.c:189\n memcpy+0x39/0x60 mm/kasan/shadow.c:66\n memcpy include/linux/fortify-string.h:225 [inline]\n packet_recvmsg+0x56c/0x1150 net/packet/af_packet.c:3489\n sock_recvmsg_nosec net/socket.c:948 [inline]\n sock_recvmsg net/socket.c:966 [inline]\n sock_recvmsg net/socket.c:962 [inline]\n ____sys_recvmsg+0x2c4/0x600 net/socket.c:2632\n ___sys_recvmsg+0x127/0x200 net/socket.c:2674\n __sys_recvmsg+0xe2/0x1a0 net/socket.c:2704\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7fdfd5954c29\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffcf8e71e48 EFLAGS: 00000246 ORIG_RAX: 000000000000002f\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fdfd5954c29\nRDX: 0000000000000000 RSI: 0000000020000500 RDI: 0000000000000005\nRBP: 0000000000000000 R08: 000000000000000d R09: 000000000000000d\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007ffcf8e71e60\nR13: 00000000000f4240 R14: 000000000000c1ff R15: 00007ffcf8e71e54\n \u003c/TASK\u003e\n\naddr ffffc9000385fb78 is located in stack of task syz-executor233/3631 at offset 32 in frame:\n ____sys_recvmsg+0x0/0x600 include/linux/uio.h:246\n\nthis frame has 1 object:\n [32, 160) \u0027addr\u0027\n\nMemory state around the buggy address:\n ffffc9000385fa80: 00 04 f3 f3 f3 f3 f3 00 00 00 00 00 00 00 00 00\n ffffc9000385fb00: 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00\n\u003effffc9000385fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f3\n ^\n ffffc9000385fc00: f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1\n ffffc9000385fc80: f1 f1 f1 00 f2 f2 f2 00 f2 f2 f2 00 00 00 00 00\n==================================================================",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-48839",
"url": "https://www.suse.com/security/cve/CVE-2022-48839"
},
{
"category": "external",
"summary": "SUSE Bug 1227985 for CVE-2022-48839",
"url": "https://bugzilla.suse.com/1227985"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T09:13:58Z",
"details": "moderate"
}
],
"title": "CVE-2022-48839"
},
{
"cve": "CVE-2024-53146",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53146"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Prevent a potential integer overflow\n\nIf the tag length is \u003e= U32_MAX - 3 then the \"length + 4\" addition\ncan result in an integer overflow. Address this by splitting the\ndecoding into several steps so that decode_cb_compound4res() does\nnot have to perform arithmetic on the unsafe length value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53146",
"url": "https://www.suse.com/security/cve/CVE-2024-53146"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-53146",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1234854 for CVE-2024-53146",
"url": "https://bugzilla.suse.com/1234854"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T09:13:58Z",
"details": "important"
}
],
"title": "CVE-2024-53146"
},
{
"cve": "CVE-2024-53156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53156"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath9k: add range check for conn_rsp_epid in htc_connect_service()\n\nI found the following bug in my fuzzer:\n\n UBSAN: array-index-out-of-bounds in drivers/net/wireless/ath/ath9k/htc_hst.c:26:51\n index 255 is out of range for type \u0027htc_endpoint [22]\u0027\n CPU: 0 UID: 0 PID: 8 Comm: kworker/0:0 Not tainted 6.11.0-rc6-dirty #14\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n Workqueue: events request_firmware_work_func\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x180/0x1b0\n __ubsan_handle_out_of_bounds+0xd4/0x130\n htc_issue_send.constprop.0+0x20c/0x230\n ? _raw_spin_unlock_irqrestore+0x3c/0x70\n ath9k_wmi_cmd+0x41d/0x610\n ? mark_held_locks+0x9f/0xe0\n ...\n\nSince this bug has been confirmed to be caused by insufficient verification\nof conn_rsp_epid, I think it would be appropriate to add a range check for\nconn_rsp_epid to htc_connect_service() to prevent the bug from occurring.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53156",
"url": "https://www.suse.com/security/cve/CVE-2024-53156"
},
{
"category": "external",
"summary": "SUSE Bug 1234846 for CVE-2024-53156",
"url": "https://bugzilla.suse.com/1234846"
},
{
"category": "external",
"summary": "SUSE Bug 1234847 for CVE-2024-53156",
"url": "https://bugzilla.suse.com/1234847"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-53156",
"url": "https://bugzilla.suse.com/1234853"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T09:13:58Z",
"details": "important"
}
],
"title": "CVE-2024-53156"
},
{
"cve": "CVE-2024-53173",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53173"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4.0: Fix a use-after-free problem in the asynchronous open()\n\nYang Erkun reports that when two threads are opening files at the same\ntime, and are forced to abort before a reply is seen, then the call to\nnfs_release_seqid() in nfs4_opendata_free() can result in a\nuse-after-free of the pointer to the defunct rpc task of the other\nthread.\nThe fix is to ensure that if the RPC call is aborted before the call to\nnfs_wait_on_sequence() is complete, then we must call nfs_release_seqid()\nin nfs4_open_release() before the rpc_task is freed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53173",
"url": "https://www.suse.com/security/cve/CVE-2024-53173"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-53173",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1234891 for CVE-2024-53173",
"url": "https://bugzilla.suse.com/1234891"
},
{
"category": "external",
"summary": "SUSE Bug 1234892 for CVE-2024-53173",
"url": "https://bugzilla.suse.com/1234892"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T09:13:58Z",
"details": "important"
}
],
"title": "CVE-2024-53173"
},
{
"cve": "CVE-2024-53239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-53239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: 6fire: Release resources at card release\n\nThe current 6fire code tries to release the resources right after the\ncall of usb6fire_chip_abort(). But at this moment, the card object\nmight be still in use (as we\u0027re calling snd_card_free_when_closed()).\n\nFor avoid potential UAFs, move the release of resources to the card\u0027s\nprivate_free instead of the manual call of usb6fire_chip_destroy() at\nthe USB disconnect callback.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-53239",
"url": "https://www.suse.com/security/cve/CVE-2024-53239"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-53239",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1235054 for CVE-2024-53239",
"url": "https://bugzilla.suse.com/1235054"
},
{
"category": "external",
"summary": "SUSE Bug 1235055 for CVE-2024-53239",
"url": "https://bugzilla.suse.com/1235055"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T09:13:58Z",
"details": "important"
}
],
"title": "CVE-2024-53239"
},
{
"cve": "CVE-2024-56539",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56539"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan()\n\nReplace one-element array with a flexible-array member in `struct\nmwifiex_ie_types_wildcard_ssid_params` to fix the following warning\non a MT8173 Chromebook (mt8173-elm-hana):\n\n[ 356.775250] ------------[ cut here ]------------\n[ 356.784543] memcpy: detected field-spanning write (size 6) of single field \"wildcard_ssid_tlv-\u003essid\" at drivers/net/wireless/marvell/mwifiex/scan.c:904 (size 1)\n[ 356.813403] WARNING: CPU: 3 PID: 742 at drivers/net/wireless/marvell/mwifiex/scan.c:904 mwifiex_scan_networks+0x4fc/0xf28 [mwifiex]\n\nThe \"(size 6)\" above is exactly the length of the SSID of the network\nthis device was connected to. The source of the warning looks like:\n\n ssid_len = user_scan_in-\u003essid_list[i].ssid_len;\n [...]\n memcpy(wildcard_ssid_tlv-\u003essid,\n user_scan_in-\u003essid_list[i].ssid, ssid_len);\n\nThere is a #define WILDCARD_SSID_TLV_MAX_SIZE that uses sizeof() on this\nstruct, but it already didn\u0027t account for the size of the one-element\narray, so it doesn\u0027t need to be changed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56539",
"url": "https://www.suse.com/security/cve/CVE-2024-56539"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-56539",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1234963 for CVE-2024-56539",
"url": "https://bugzilla.suse.com/1234963"
},
{
"category": "external",
"summary": "SUSE Bug 1234964 for CVE-2024-56539",
"url": "https://bugzilla.suse.com/1234964"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T09:13:58Z",
"details": "important"
}
],
"title": "CVE-2024-56539"
},
{
"cve": "CVE-2024-56548",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56548"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: don\u0027t query the device logical block size multiple times\n\nDevices block sizes may change. One of these cases is a loop device by\nusing ioctl LOOP_SET_BLOCK_SIZE.\n\nWhile this may cause other issues like IO being rejected, in the case of\nhfsplus, it will allocate a block by using that size and potentially write\nout-of-bounds when hfsplus_read_wrapper calls hfsplus_submit_bio and the\nlatter function reads a different io_size.\n\nUsing a new min_io_size initally set to sb_min_blocksize works for the\npurposes of the original fix, since it will be set to the max between\nHFSPLUS_SECTOR_SIZE and the first seen logical block size. We still use the\nmax between HFSPLUS_SECTOR_SIZE and min_io_size in case the latter is not\ninitialized.\n\nTested by mounting an hfsplus filesystem with loop block sizes 512, 1024\nand 4096.\n\nThe produced KASAN report before the fix looks like this:\n\n[ 419.944641] ==================================================================\n[ 419.945655] BUG: KASAN: slab-use-after-free in hfsplus_read_wrapper+0x659/0xa0a\n[ 419.946703] Read of size 2 at addr ffff88800721fc00 by task repro/10678\n[ 419.947612]\n[ 419.947846] CPU: 0 UID: 0 PID: 10678 Comm: repro Not tainted 6.12.0-rc5-00008-gdf56e0f2f3ca #84\n[ 419.949007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014\n[ 419.950035] Call Trace:\n[ 419.950384] \u003cTASK\u003e\n[ 419.950676] dump_stack_lvl+0x57/0x78\n[ 419.951212] ? hfsplus_read_wrapper+0x659/0xa0a\n[ 419.951830] print_report+0x14c/0x49e\n[ 419.952361] ? __virt_addr_valid+0x267/0x278\n[ 419.952979] ? kmem_cache_debug_flags+0xc/0x1d\n[ 419.953561] ? hfsplus_read_wrapper+0x659/0xa0a\n[ 419.954231] kasan_report+0x89/0xb0\n[ 419.954748] ? hfsplus_read_wrapper+0x659/0xa0a\n[ 419.955367] hfsplus_read_wrapper+0x659/0xa0a\n[ 419.955948] ? __pfx_hfsplus_read_wrapper+0x10/0x10\n[ 419.956618] ? do_raw_spin_unlock+0x59/0x1a9\n[ 419.957214] ? _raw_spin_unlock+0x1a/0x2e\n[ 419.957772] hfsplus_fill_super+0x348/0x1590\n[ 419.958355] ? hlock_class+0x4c/0x109\n[ 419.958867] ? __pfx_hfsplus_fill_super+0x10/0x10\n[ 419.959499] ? __pfx_string+0x10/0x10\n[ 419.960006] ? lock_acquire+0x3e2/0x454\n[ 419.960532] ? bdev_name.constprop.0+0xce/0x243\n[ 419.961129] ? __pfx_bdev_name.constprop.0+0x10/0x10\n[ 419.961799] ? pointer+0x3f0/0x62f\n[ 419.962277] ? __pfx_pointer+0x10/0x10\n[ 419.962761] ? vsnprintf+0x6c4/0xfba\n[ 419.963178] ? __pfx_vsnprintf+0x10/0x10\n[ 419.963621] ? setup_bdev_super+0x376/0x3b3\n[ 419.964029] ? snprintf+0x9d/0xd2\n[ 419.964344] ? __pfx_snprintf+0x10/0x10\n[ 419.964675] ? lock_acquired+0x45c/0x5e9\n[ 419.965016] ? set_blocksize+0x139/0x1c1\n[ 419.965381] ? sb_set_blocksize+0x6d/0xae\n[ 419.965742] ? __pfx_hfsplus_fill_super+0x10/0x10\n[ 419.966179] mount_bdev+0x12f/0x1bf\n[ 419.966512] ? __pfx_mount_bdev+0x10/0x10\n[ 419.966886] ? vfs_parse_fs_string+0xce/0x111\n[ 419.967293] ? __pfx_vfs_parse_fs_string+0x10/0x10\n[ 419.967702] ? __pfx_hfsplus_mount+0x10/0x10\n[ 419.968073] legacy_get_tree+0x104/0x178\n[ 419.968414] vfs_get_tree+0x86/0x296\n[ 419.968751] path_mount+0xba3/0xd0b\n[ 419.969157] ? __pfx_path_mount+0x10/0x10\n[ 419.969594] ? kmem_cache_free+0x1e2/0x260\n[ 419.970311] do_mount+0x99/0xe0\n[ 419.970630] ? __pfx_do_mount+0x10/0x10\n[ 419.971008] __do_sys_mount+0x199/0x1c9\n[ 419.971397] do_syscall_64+0xd0/0x135\n[ 419.971761] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[ 419.972233] RIP: 0033:0x7c3cb812972e\n[ 419.972564] Code: 48 8b 0d f5 46 0d 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 49 89 ca b8 a5 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d c2 46 0d 00 f7 d8 64 89 01 48\n[ 419.974371] RSP: 002b:00007ffe30632548 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5\n[ 419.975048] RAX: ffffffffffffffda RBX: 00007ffe306328d8 RCX: 00007c3cb812972e\n[ 419.975701] RDX: 0000000020000000 RSI: 0000000020000c80 RDI:\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56548",
"url": "https://www.suse.com/security/cve/CVE-2024-56548"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-56548",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1235073 for CVE-2024-56548",
"url": "https://bugzilla.suse.com/1235073"
},
{
"category": "external",
"summary": "SUSE Bug 1235074 for CVE-2024-56548",
"url": "https://bugzilla.suse.com/1235074"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T09:13:58Z",
"details": "important"
}
],
"title": "CVE-2024-56548"
},
{
"cve": "CVE-2024-56598",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56598"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: array-index-out-of-bounds fix in dtReadFirst\n\nThe value of stbl can be sometimes out of bounds due\nto a bad filesystem. Added a check with appopriate return\nof error code in that case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56598",
"url": "https://www.suse.com/security/cve/CVE-2024-56598"
},
{
"category": "external",
"summary": "SUSE Bug 1235220 for CVE-2024-56598",
"url": "https://bugzilla.suse.com/1235220"
},
{
"category": "external",
"summary": "SUSE Bug 1235221 for CVE-2024-56598",
"url": "https://bugzilla.suse.com/1235221"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T09:13:58Z",
"details": "important"
}
],
"title": "CVE-2024-56598"
},
{
"cve": "CVE-2024-56604",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56604"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc()\n\nbt_sock_alloc() attaches allocated sk object to the provided sock object.\nIf rfcomm_dlc_alloc() fails, we release the sk object, but leave the\ndangling pointer in the sock object, which may cause use-after-free.\n\nFix this by swapping calls to bt_sock_alloc() and rfcomm_dlc_alloc().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56604",
"url": "https://www.suse.com/security/cve/CVE-2024-56604"
},
{
"category": "external",
"summary": "SUSE Bug 1235056 for CVE-2024-56604",
"url": "https://bugzilla.suse.com/1235056"
},
{
"category": "external",
"summary": "SUSE Bug 1235058 for CVE-2024-56604",
"url": "https://bugzilla.suse.com/1235058"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T09:13:58Z",
"details": "important"
}
],
"title": "CVE-2024-56604"
},
{
"cve": "CVE-2024-56605",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56605"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()\n\nbt_sock_alloc() allocates the sk object and attaches it to the provided\nsock object. On error l2cap_sock_alloc() frees the sk object, but the\ndangling pointer is still attached to the sock object, which may create\nuse-after-free in other code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56605",
"url": "https://www.suse.com/security/cve/CVE-2024-56605"
},
{
"category": "external",
"summary": "SUSE Bug 1234853 for CVE-2024-56605",
"url": "https://bugzilla.suse.com/1234853"
},
{
"category": "external",
"summary": "SUSE Bug 1235061 for CVE-2024-56605",
"url": "https://bugzilla.suse.com/1235061"
},
{
"category": "external",
"summary": "SUSE Bug 1235062 for CVE-2024-56605",
"url": "https://bugzilla.suse.com/1235062"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T09:13:58Z",
"details": "important"
}
],
"title": "CVE-2024-56605"
},
{
"cve": "CVE-2024-56619",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-56619"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential out-of-bounds memory access in nilfs_find_entry()\n\nSyzbot reported that when searching for records in a directory where the\ninode\u0027s i_size is corrupted and has a large value, memory access outside\nthe folio/page range may occur, or a use-after-free bug may be detected if\nKASAN is enabled.\n\nThis is because nilfs_last_byte(), which is called by nilfs_find_entry()\nand others to calculate the number of valid bytes of directory data in a\npage from i_size and the page index, loses the upper 32 bits of the 64-bit\nsize information due to an inappropriate type of local variable to which\nthe i_size value is assigned.\n\nThis caused a large byte offset value due to underflow in the end address\ncalculation in the calling nilfs_find_entry(), resulting in memory access\nthat exceeds the folio/page size.\n\nFix this issue by changing the type of the local variable causing the bit\nloss from \"unsigned int\" to \"u64\". The return value of nilfs_last_byte()\nis also of type \"unsigned int\", but it is truncated so as not to exceed\nPAGE_SIZE and no bit loss occurs, so no change is required.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-56619",
"url": "https://www.suse.com/security/cve/CVE-2024-56619"
},
{
"category": "external",
"summary": "SUSE Bug 1235224 for CVE-2024-56619",
"url": "https://bugzilla.suse.com/1235224"
},
{
"category": "external",
"summary": "SUSE Bug 1235225 for CVE-2024-56619",
"url": "https://bugzilla.suse.com/1235225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-01-17T09:13:58Z",
"details": "important"
}
],
"title": "CVE-2024-56619"
}
]
}
WID-SEC-W-2024-2078
Vulnerability from csaf_certbund - Published: 2017-09-26 22:00 - Updated: 2025-01-19 23:00Summary
Linux Kernel: Schwachstelle ermöglicht Privilegieneskalation
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff: Ein lokaler Angreifer kann eine Schwachstelle im Linux Kernel ausnutzen, um seine Privilegien zu erhöhen.
Betroffene Betriebssysteme: - Linux
Es existiert eine Schwachstelle im Linux Kernel in der Art und Weise wie die Linux-Kernel ELF-Executables geladen werden. Ein lokaler Angreifer mit Zugriff auf SUID oder eine anderweitig privilegierte Position Independent Executable (PIE)-Binärdatei kann diese Schwachstelle ausnutzen, um seine Privilegien auf dem System zu erweitern.
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux Server AUS 7.3 x86_64
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:7.3_x86_64
|
7.3 x86_64 | |
|
Red Hat Enterprise Linux 5.9
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:v.5.9:server:long_life
|
5.9 | |
|
Red Hat Enterprise Linux Server EUS 7.2 x86_64
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:7.2_x86_64
|
7.2 x86_64 | |
|
Red Hat Enterprise Linux Server AUS 6.5 x86_64
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:6.5_x86_64
|
6.5 x86_64 | |
|
SUSE Linux Enterprise Server SP3 LTSS
SUSE / Linux Enterprise Server
|
cpe:/o:suse:linux_enterprise_server:11:sp3:ltss
|
SP3 LTSS | |
|
Red Hat Enterprise Linux Server EUS 6.7
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:6.7
|
6.7 | |
|
Red Hat Enterprise Linux Server AUS 6.4 x86_64
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:6.4_x86_64
|
6.4 x86_64 | |
|
Red Hat Enterprise Linux Server AUS 6.2 x86_64
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:6.2_x86_64
|
6.2 x86_64 | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Red Hat Enterprise Linux Server AUS 7.2 x86_64
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:7.2_x86_64
|
7.2 x86_64 | |
|
Red Hat Enterprise Linux Server EUS 7.3 x86_64
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:7.3_x86_64
|
7.3 x86_64 | |
|
Red Hat Enterprise Linux 5
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:5
|
5 | |
|
Red Hat Enterprise Linux Desktop 6
Red Hat / Enterprise Linux Desktop
|
cpe:/o:redhat:enterprise_linux_desktop:6
|
6 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Open Source CentOS
Open Source
|
cpe:/o:centos:centos:-
|
— | |
|
Red Hat Enterprise Linux Server 6
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:6
|
6 | |
|
Red Hat Enterprise Linux Server AUS 6.6 x86_64
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:6.6_x86_64
|
6.6 x86_64 | |
|
SUSE Linux Enterprise Server SP4
SUSE / Linux Enterprise Server
|
cpe:/o:suse:linux_enterprise_server:11-sp4
|
SP4 |
References
25 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann eine Schwachstelle im Linux Kernel ausnutzen, um seine Privilegien zu erh\u00f6hen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-2078 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2017/wid-sec-w-2024-2078.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-2078 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2078"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2017:2799 vom 2017-09-26",
"url": "https://access.redhat.com/errata/RHSA-2017:2799"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2017:2794 vom 2017-09-26",
"url": "https://access.redhat.com/errata/RHSA-2017:2794"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2017:2793 vom 2017-09-26",
"url": "https://access.redhat.com/errata/RHSA-2017:2793"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2017:2796 vom 2017-09-26",
"url": "https://access.redhat.com/errata/RHSA-2017:2796"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2017:2798 vom 2017-09-26",
"url": "https://access.redhat.com/errata/RHSA-2017:2798"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2017:2797 vom 2017-09-26",
"url": "https://access.redhat.com/errata/RHSA-2017:2797"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2017:2795 vom 2017-09-26",
"url": "https://access.redhat.com/errata/RHSA-2017:2795"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2017:2800 vom 2017-09-26",
"url": "https://access.redhat.com/errata/RHSA-2017:2800"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2017:2801 vom 2017-09-26",
"url": "https://access.redhat.com/errata/RHSA-2017:2801"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2017:2802 vom 2017-09-26",
"url": "https://access.redhat.com/errata/RHSA-2017:2802"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2017-2795 vom 2017-09-28",
"url": "http://linux.oracle.com/errata/ELSA-2017-2795.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2017-2801 vom 2017-10-07",
"url": "http://linux.oracle.com/errata/ELSA-2017-2801.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:2723-1 vom 2017-10-15",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172723-1/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:2725-1 vom 2017-10-15",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172725-1/"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2017-3200 vom 2017-11-16",
"url": "http://linux.oracle.com/errata/ELSA-2017-3200.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2017:3165-1 vom 2017-12-01",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20173165-1.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2017-3658 vom 2017-12-08",
"url": "http://linux.oracle.com/errata/ELSA-2017-3658.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4036 vom 2018-02-21",
"url": "http://linux.oracle.com/errata/ELSA-2018-4036.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-1854 vom 2018-06-26",
"url": "http://linux.oracle.com/errata/ELSA-2018-1854.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-4702 vom 2019-08-04",
"url": "http://linux.oracle.com/errata/ELSA-2019-4702.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-4732 vom 2019-08-04",
"url": "http://linux.oracle.com/errata/ELSA-2019-4732.html"
},
{
"category": "external",
"summary": "CISA Known Exploited Vulnerabilities Catalog vom 2024-09-09",
"url": "https://www.cisa.gov/news-events/alerts/2024/09/09/cisa-adds-three-known-exploited-vulnerabilities-catalog"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:0152-1 vom 2025-01-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020152.html"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Schwachstelle erm\u00f6glicht Privilegieneskalation",
"tracking": {
"current_release_date": "2025-01-19T23:00:00.000+00:00",
"generator": {
"date": "2025-01-20T09:28:12.301+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2024-2078",
"initial_release_date": "2017-09-26T22:00:00.000+00:00",
"revision_history": [
{
"date": "2017-09-26T22:00:00.000+00:00",
"number": "1",
"summary": "Initial Release"
},
{
"date": "2017-09-26T22:00:00.000+00:00",
"number": "2",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-09-27T22:00:00.000+00:00",
"number": "3",
"summary": "New remediations available"
},
{
"date": "2017-10-08T22:00:00.000+00:00",
"number": "4",
"summary": "New remediations available"
},
{
"date": "2017-10-08T22:00:00.000+00:00",
"number": "5",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-11-15T23:00:00.000+00:00",
"number": "6",
"summary": "New remediations available"
},
{
"date": "2017-11-30T23:00:00.000+00:00",
"number": "7",
"summary": "New remediations available"
},
{
"date": "2017-12-10T23:00:00.000+00:00",
"number": "8",
"summary": "New remediations available"
},
{
"date": "2018-02-21T23:00:00.000+00:00",
"number": "9",
"summary": "New remediations available"
},
{
"date": "2018-06-26T22:00:00.000+00:00",
"number": "10",
"summary": "New remediations available"
},
{
"date": "2019-08-04T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-09-09T22:00:00.000+00:00",
"number": "12",
"summary": "Aktive Ausnutzung gemeldet"
},
{
"date": "2025-01-19T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von SUSE aufgenommen"
}
],
"status": "final",
"version": "13"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Open Source CentOS",
"product": {
"name": "Open Source CentOS",
"product_id": "1727",
"product_identification_helper": {
"cpe": "cpe:/o:centos:centos:-"
}
}
},
{
"category": "product_name",
"name": "Open Source Linux Kernel",
"product": {
"name": "Open Source Linux Kernel",
"product_id": "6368",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "5",
"product": {
"name": "Red Hat Enterprise Linux 5",
"product_id": "67748",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5"
}
}
},
{
"category": "product_version",
"name": "5.9",
"product": {
"name": "Red Hat Enterprise Linux 5.9",
"product_id": "T007369",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:v.5.9:server:long_life"
}
}
},
{
"category": "product_version",
"name": "6.4 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server AUS 6.4 x86_64",
"product_id": "T010850",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6.4_x86_64"
}
}
},
{
"category": "product_version",
"name": "7.3 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server EUS 7.3 x86_64",
"product_id": "T010852",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7.3_x86_64"
}
}
},
{
"category": "product_version",
"name": "7.2 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server AUS 7.2 x86_64",
"product_id": "T010853",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7.2_x86_64"
}
}
},
{
"category": "product_version",
"name": "7.2 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server EUS 7.2 x86_64",
"product_id": "T010854",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7.2_x86_64"
}
}
},
{
"category": "product_version",
"name": "7.3 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server AUS 7.3 x86_64",
"product_id": "T010855",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7.3_x86_64"
}
}
},
{
"category": "product_version",
"name": "6.7",
"product": {
"name": "Red Hat Enterprise Linux Server EUS 6.7",
"product_id": "T010856",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6.7"
}
}
},
{
"category": "product_version",
"name": "6.5 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server AUS 6.5 x86_64",
"product_id": "T010857",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6.5_x86_64"
}
}
},
{
"category": "product_version",
"name": "6.6 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server AUS 6.6 x86_64",
"product_id": "T010858",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6.6_x86_64"
}
}
},
{
"category": "product_version",
"name": "6",
"product": {
"name": "Red Hat Enterprise Linux Server 6",
"product_id": "T010859",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6"
}
}
},
{
"category": "product_version",
"name": "6.2 x86_64",
"product": {
"name": "Red Hat Enterprise Linux Server AUS 6.2 x86_64",
"product_id": "T010861",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6.2_x86_64"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "6",
"product": {
"name": "Red Hat Enterprise Linux Desktop 6",
"product_id": "T010860",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux_desktop:6"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux Desktop"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "SP4",
"product": {
"name": "SUSE Linux Enterprise Server SP4",
"product_id": "T005583",
"product_identification_helper": {
"cpe": "cpe:/o:suse:linux_enterprise_server:11-sp4"
}
}
},
{
"category": "product_version",
"name": "SP3 LTSS",
"product": {
"name": "SUSE Linux Enterprise Server SP3 LTSS",
"product_id": "T007158",
"product_identification_helper": {
"cpe": "cpe:/o:suse:linux_enterprise_server:11:sp3:ltss"
}
}
}
],
"category": "product_name",
"name": "Linux Enterprise Server"
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-1000253",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle im Linux Kernel in der Art und Weise wie die Linux-Kernel ELF-Executables geladen werden. Ein lokaler Angreifer mit Zugriff auf SUID oder eine anderweitig privilegierte Position Independent Executable (PIE)-Bin\u00e4rdatei kann diese Schwachstelle ausnutzen, um seine Privilegien auf dem System zu erweitern."
}
],
"product_status": {
"known_affected": [
"T010855",
"T007369",
"T010854",
"T010857",
"T007158",
"T010856",
"T010850",
"T010861",
"6368",
"T010853",
"T010852",
"67748",
"T010860",
"T004914",
"T002207",
"1727",
"T010859",
"T010858",
"T005583"
]
},
"release_date": "2017-09-26T22:00:00.000+00:00",
"title": "CVE-2017-1000253"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…