Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-13166 (GCVE-0-2017-13166)
Vulnerability from cvelistv5 – Published: 2017-12-06 14:00 – Updated: 2024-09-16 22:40
VLAI
EPSS
Summary
An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167.
Severity
7.8 (High)
CWE
- Elevation of privilege
Assigner
References
11 references
| URL | Tags |
|---|---|
| https://www.debian.org/security/2018/dsa-4187 | vendor-advisoryx_refsource_DEBIAN |
| https://www.debian.org/security/2018/dsa-4120 | vendor-advisoryx_refsource_DEBIAN |
| https://access.redhat.com/errata/RHSA-2018:1062 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2018:1319 | vendor-advisoryx_refsource_REDHAT |
| https://help.ecostruxureit.com/display/public/UAD… | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2018:2948 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2018:0676 | vendor-advisoryx_refsource_REDHAT |
| https://source.android.com/security/bulletin/pixe… | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2018:1170 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2018:1130 | vendor-advisoryx_refsource_REDHAT |
| https://lists.debian.org/debian-lts-announce/2018… | mailing-listx_refsource_MLIST |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Google Inc. | Android |
Affected:
Android kernel
|
Date Public
2017-12-04 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:58:12.550Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-4187",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4187"
},
{
"name": "DSA-4120",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4120"
},
{
"name": "RHSA-2018:1062",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1062"
},
{
"name": "RHSA-2018:1319",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1319"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:2948",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"name": "RHSA-2018:0676",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/pixel/2017-12-01"
},
{
"name": "RHSA-2018:1170",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1170"
},
{
"name": "RHSA-2018:1130",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1130"
},
{
"name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Android",
"vendor": "Google Inc.",
"versions": [
{
"status": "affected",
"version": "Android kernel"
}
]
}
],
"datePublic": "2017-12-04T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Elevation of privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-11-30T20:57:01.000Z",
"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"shortName": "google_android"
},
"references": [
{
"name": "DSA-4187",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4187"
},
{
"name": "DSA-4120",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4120"
},
{
"name": "RHSA-2018:1062",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1062"
},
{
"name": "RHSA-2018:1319",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1319"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:2948",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"name": "RHSA-2018:0676",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/pixel/2017-12-01"
},
{
"name": "RHSA-2018:1170",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1170"
},
{
"name": "RHSA-2018:1130",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1130"
},
{
"name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@android.com",
"DATE_PUBLIC": "2017-12-04T00:00:00",
"ID": "CVE-2017-13166",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Android",
"version": {
"version_data": [
{
"version_value": "Android kernel"
}
]
}
}
]
},
"vendor_name": "Google Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Elevation of privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-4187",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4187"
},
{
"name": "DSA-4120",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4120"
},
{
"name": "RHSA-2018:1062",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1062"
},
{
"name": "RHSA-2018:1319",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1319"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:2948",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"name": "RHSA-2018:0676",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0676"
},
{
"name": "https://source.android.com/security/bulletin/pixel/2017-12-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/pixel/2017-12-01"
},
{
"name": "RHSA-2018:1170",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1170"
},
{
"name": "RHSA-2018:1130",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1130"
},
{
"name": "[debian-lts-announce] 20180502 [SECURITY] [DLA 1369-1] linux security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
"assignerShortName": "google_android",
"cveId": "CVE-2017-13166",
"datePublished": "2017-12-06T14:00:00.000Z",
"dateReserved": "2017-08-23T00:00:00.000Z",
"dateUpdated": "2024-09-16T22:40:26.567Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2017-13166",
"date": "2026-06-08",
"epss": "0.00085",
"percentile": "0.24558"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167.\"}, {\"lang\": \"es\", \"value\": \"Existe una vulnerabilidad de elevaci\\u00f3n de privilegios en el controlador de v\\u00eddeo v4l2 del kernel. Producto: Android. Versiones: Android kernel. Android ID: A-34624167.\"}]",
"id": "CVE-2017-13166",
"lastModified": "2024-11-21T03:11:04.660",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 4.6, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.9, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2017-12-06T14:29:01.363",
"references": "[{\"url\": \"https://access.redhat.com/errata/RHSA-2018:0676\", \"source\": \"security@android.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:1062\", \"source\": \"security@android.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:1130\", \"source\": \"security@android.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:1170\", \"source\": \"security@android.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:1319\", \"source\": \"security@android.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2948\", \"source\": \"security@android.com\"}, {\"url\": \"https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0\", \"source\": \"security@android.com\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html\", \"source\": \"security@android.com\"}, {\"url\": \"https://source.android.com/security/bulletin/pixel/2017-12-01\", \"source\": \"security@android.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4120\", \"source\": \"security@android.com\"}, {\"url\": \"https://www.debian.org/security/2018/dsa-4187\", \"source\": \"security@android.com\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0676\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:1062\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:1130\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:1170\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:1319\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:2948\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://source.android.com/security/bulletin/pixel/2017-12-01\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4120\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.debian.org/security/2018/dsa-4187\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "security@android.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-787\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2017-13166\",\"sourceIdentifier\":\"security@android.com\",\"published\":\"2017-12-06T14:29:01.363\",\"lastModified\":\"2026-05-13T00:24:29.033\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167.\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad de elevaci\u00f3n de privilegios en el controlador de v\u00eddeo v4l2 del kernel. Producto: Android. Versiones: Android kernel. Android ID: A-34624167.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":4.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26\"}]}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0676\",\"source\":\"security@android.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1062\",\"source\":\"security@android.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1130\",\"source\":\"security@android.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1170\",\"source\":\"security@android.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1319\",\"source\":\"security@android.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2948\",\"source\":\"security@android.com\"},{\"url\":\"https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0\",\"source\":\"security@android.com\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html\",\"source\":\"security@android.com\"},{\"url\":\"https://source.android.com/security/bulletin/pixel/2017-12-01\",\"source\":\"security@android.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4120\",\"source\":\"security@android.com\"},{\"url\":\"https://www.debian.org/security/2018/dsa-4187\",\"source\":\"security@android.com\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0676\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1062\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1130\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1170\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1319\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:2948\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://source.android.com/security/bulletin/pixel/2017-12-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4120\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.debian.org/security/2018/dsa-4187\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
SUSE-SU-2018:1643-1
Vulnerability from csaf_suse - Published: 2018-06-11 08:35 - Updated: 2018-06-11 08:35Summary
Security update for the Linux Kernel (Live Patch 1 for SLE 12 SP3)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 1 for SLE 12 SP3)
Description of the patch: This update for the Linux Kernel 4.4.82-6_3 fixes several issues.
The following security issues were fixed:
- CVE-2017-13166: An elevation of privilege vulnerability in the kernel v4l2 video driver was fixed. (bsc#1085447).
- CVE-2018-8897: A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL < 3, the debug exception is delivered after the transfer to CPL < 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs (bsc#1090368).
- CVE-2018-8781: The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c had an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space (bsc#1090646).
- bsc#1083125: Fixed kgraft: small race in reversion code
- CVE-2018-1087: kernel KVM was vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged KVM guest user could use this flaw to crash the guest or, potentially, escalate their privileges in the guest (bsc#1090869)
before
Patchnames: SUSE-SLE-Live-Patching-12-SP3-2018-1101
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-9-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-9-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-9-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-9-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
37 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 1 for SLE 12 SP3)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.4.82-6_3 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2017-13166: An elevation of privilege vulnerability in the kernel v4l2 video driver was fixed. (bsc#1085447).\n- CVE-2018-8897: A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer\u0027s Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL \u003c 3, the debug exception is delivered after the transfer to CPL \u003c 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs (bsc#1090368).\n- CVE-2018-8781: The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c had an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space (bsc#1090646).\n- bsc#1083125: Fixed kgraft: small race in reversion code\n- CVE-2018-1087: kernel KVM was vulnerable to a flaw in the way the Linux kernel\u0027s KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged KVM guest user could use this flaw to crash the guest or, potentially, escalate their privileges in the guest (bsc#1090869)\nbefore\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Live-Patching-12-SP3-2018-1101",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1643-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:1643-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181643-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:1643-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-June/004177.html"
},
{
"category": "self",
"summary": "SUSE Bug 1083125",
"url": "https://bugzilla.suse.com/1083125"
},
{
"category": "self",
"summary": "SUSE Bug 1085447",
"url": "https://bugzilla.suse.com/1085447"
},
{
"category": "self",
"summary": "SUSE Bug 1090368",
"url": "https://bugzilla.suse.com/1090368"
},
{
"category": "self",
"summary": "SUSE Bug 1090646",
"url": "https://bugzilla.suse.com/1090646"
},
{
"category": "self",
"summary": "SUSE Bug 1090869",
"url": "https://bugzilla.suse.com/1090869"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13166 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13166/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1087 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1087/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-8781 page",
"url": "https://www.suse.com/security/cve/CVE-2018-8781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-8897 page",
"url": "https://www.suse.com/security/cve/CVE-2018-8897/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 1 for SLE 12 SP3)",
"tracking": {
"current_release_date": "2018-06-11T08:35:49Z",
"generator": {
"date": "2018-06-11T08:35:49Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:1643-1",
"initial_release_date": "2018-06-11T08:35:49Z",
"revision_history": [
{
"date": "2018-06-11T08:35:49Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_4_82-6_3-default-9-2.1.x86_64",
"product": {
"name": "kgraft-patch-4_4_82-6_3-default-9-2.1.x86_64",
"product_id": "kgraft-patch-4_4_82-6_3-default-9-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_82-6_3-default-9-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-9-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_82-6_3-default-9-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-13166",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13166"
}
],
"notes": [
{
"category": "general",
"text": "An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-9-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13166",
"url": "https://www.suse.com/security/cve/CVE-2017-13166"
},
{
"category": "external",
"summary": "SUSE Bug 1072865 for CVE-2017-13166",
"url": "https://bugzilla.suse.com/1072865"
},
{
"category": "external",
"summary": "SUSE Bug 1085447 for CVE-2017-13166",
"url": "https://bugzilla.suse.com/1085447"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-13166",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-13166",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-9-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-9-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-11T08:35:49Z",
"details": "important"
}
],
"title": "CVE-2017-13166"
},
{
"cve": "CVE-2018-1087",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1087"
}
],
"notes": [
{
"category": "general",
"text": "kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel\u0027s KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged KVM guest user could use this flaw to crash the guest or, potentially, escalate their privileges in the guest.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-9-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1087",
"url": "https://www.suse.com/security/cve/CVE-2018-1087"
},
{
"category": "external",
"summary": "SUSE Bug 1087088 for CVE-2018-1087",
"url": "https://bugzilla.suse.com/1087088"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-9-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-9-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-11T08:35:49Z",
"details": "important"
}
],
"title": "CVE-2018-1087"
},
{
"cve": "CVE-2018-8781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-8781"
}
],
"notes": [
{
"category": "general",
"text": "The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-9-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-8781",
"url": "https://www.suse.com/security/cve/CVE-2018-8781"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1090643 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1090643"
},
{
"category": "external",
"summary": "SUSE Bug 1090646 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1090646"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-9-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-9-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-11T08:35:49Z",
"details": "important"
}
],
"title": "CVE-2018-8781"
},
{
"cve": "CVE-2018-8897",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-8897"
}
],
"notes": [
{
"category": "general",
"text": "A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer\u0027s Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL \u003c 3, the debug exception is delivered after the transfer to CPL \u003c 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-9-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-8897",
"url": "https://www.suse.com/security/cve/CVE-2018-8897"
},
{
"category": "external",
"summary": "SUSE Bug 1087078 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1087078"
},
{
"category": "external",
"summary": "SUSE Bug 1087088 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1087088"
},
{
"category": "external",
"summary": "SUSE Bug 1090368 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1090368"
},
{
"category": "external",
"summary": "SUSE Bug 1090820 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1090820"
},
{
"category": "external",
"summary": "SUSE Bug 1090869 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1090869"
},
{
"category": "external",
"summary": "SUSE Bug 1092497 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1092497"
},
{
"category": "external",
"summary": "SUSE Bug 1093522 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1093522"
},
{
"category": "external",
"summary": "SUSE Bug 1093524 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1093524"
},
{
"category": "external",
"summary": "SUSE Bug 1098813 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1098813"
},
{
"category": "external",
"summary": "SUSE Bug 1100835 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1100835"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-9-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_82-6_3-default-9-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-11T08:35:49Z",
"details": "important"
}
],
"title": "CVE-2018-8897"
}
]
}
SUSE-SU-2018:1644-1
Vulnerability from csaf_suse - Published: 2018-06-11 08:39 - Updated: 2018-06-11 08:39Summary
Security update for the Linux Kernel (Live Patch 8 for SLE 12 SP3)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 8 for SLE 12 SP3)
Description of the patch: This update for the Linux Kernel 4.4.114-94_11 fixes several issues.
The following security issues were fixed:
- CVE-2017-13166: An elevation of privilege vulnerability in the kernel v4l2 video driver was fixed. (bsc#1085447).
- CVE-2018-8897: A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL < 3, the debug exception is delivered after the transfer to CPL < 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs (bsc#1090368).
- CVE-2018-8781: The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c had an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space (bsc#1090646).
- bsc#1083125: Fixed kgraft: small race in reversion code
- CVE-2018-1087: kernel KVM was vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged KVM guest user could use this flaw to crash the guest or, potentially, escalate their privileges in the guest (bsc#1090869)
before
Patchnames: SUSE-SLE-Live-Patching-12-SP3-2018-1109
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
37 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 8 for SLE 12 SP3)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.4.114-94_11 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2017-13166: An elevation of privilege vulnerability in the kernel v4l2 video driver was fixed. (bsc#1085447).\n- CVE-2018-8897: A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer\u0027s Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL \u003c 3, the debug exception is delivered after the transfer to CPL \u003c 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs (bsc#1090368).\n- CVE-2018-8781: The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c had an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space (bsc#1090646).\n- bsc#1083125: Fixed kgraft: small race in reversion code\n- CVE-2018-1087: kernel KVM was vulnerable to a flaw in the way the Linux kernel\u0027s KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged KVM guest user could use this flaw to crash the guest or, potentially, escalate their privileges in the guest (bsc#1090869)\nbefore\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Live-Patching-12-SP3-2018-1109",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1644-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:1644-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181644-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:1644-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-June/004178.html"
},
{
"category": "self",
"summary": "SUSE Bug 1083125",
"url": "https://bugzilla.suse.com/1083125"
},
{
"category": "self",
"summary": "SUSE Bug 1085447",
"url": "https://bugzilla.suse.com/1085447"
},
{
"category": "self",
"summary": "SUSE Bug 1090368",
"url": "https://bugzilla.suse.com/1090368"
},
{
"category": "self",
"summary": "SUSE Bug 1090646",
"url": "https://bugzilla.suse.com/1090646"
},
{
"category": "self",
"summary": "SUSE Bug 1090869",
"url": "https://bugzilla.suse.com/1090869"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13166 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13166/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1087 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1087/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-8781 page",
"url": "https://www.suse.com/security/cve/CVE-2018-8781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-8897 page",
"url": "https://www.suse.com/security/cve/CVE-2018-8897/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 8 for SLE 12 SP3)",
"tracking": {
"current_release_date": "2018-06-11T08:39:58Z",
"generator": {
"date": "2018-06-11T08:39:58Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:1644-1",
"initial_release_date": "2018-06-11T08:39:58Z",
"revision_history": [
{
"date": "2018-06-11T08:39:58Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_4_114-94_11-default-4-2.1.ppc64le",
"product": {
"name": "kgraft-patch-4_4_114-94_11-default-4-2.1.ppc64le",
"product_id": "kgraft-patch-4_4_114-94_11-default-4-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_4_114-94_11-default-4-2.1.x86_64",
"product": {
"name": "kgraft-patch-4_4_114-94_11-default-4-2.1.x86_64",
"product_id": "kgraft-patch-4_4_114-94_11-default-4-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_114-94_11-default-4-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_4_114-94_11-default-4-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_114-94_11-default-4-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_114-94_11-default-4-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-13166",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13166"
}
],
"notes": [
{
"category": "general",
"text": "An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13166",
"url": "https://www.suse.com/security/cve/CVE-2017-13166"
},
{
"category": "external",
"summary": "SUSE Bug 1072865 for CVE-2017-13166",
"url": "https://bugzilla.suse.com/1072865"
},
{
"category": "external",
"summary": "SUSE Bug 1085447 for CVE-2017-13166",
"url": "https://bugzilla.suse.com/1085447"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-13166",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-13166",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-11T08:39:58Z",
"details": "important"
}
],
"title": "CVE-2017-13166"
},
{
"cve": "CVE-2018-1087",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1087"
}
],
"notes": [
{
"category": "general",
"text": "kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel\u0027s KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged KVM guest user could use this flaw to crash the guest or, potentially, escalate their privileges in the guest.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1087",
"url": "https://www.suse.com/security/cve/CVE-2018-1087"
},
{
"category": "external",
"summary": "SUSE Bug 1087088 for CVE-2018-1087",
"url": "https://bugzilla.suse.com/1087088"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-11T08:39:58Z",
"details": "important"
}
],
"title": "CVE-2018-1087"
},
{
"cve": "CVE-2018-8781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-8781"
}
],
"notes": [
{
"category": "general",
"text": "The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-8781",
"url": "https://www.suse.com/security/cve/CVE-2018-8781"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1090643 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1090643"
},
{
"category": "external",
"summary": "SUSE Bug 1090646 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1090646"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-11T08:39:58Z",
"details": "important"
}
],
"title": "CVE-2018-8781"
},
{
"cve": "CVE-2018-8897",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-8897"
}
],
"notes": [
{
"category": "general",
"text": "A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer\u0027s Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL \u003c 3, the debug exception is delivered after the transfer to CPL \u003c 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-8897",
"url": "https://www.suse.com/security/cve/CVE-2018-8897"
},
{
"category": "external",
"summary": "SUSE Bug 1087078 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1087078"
},
{
"category": "external",
"summary": "SUSE Bug 1087088 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1087088"
},
{
"category": "external",
"summary": "SUSE Bug 1090368 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1090368"
},
{
"category": "external",
"summary": "SUSE Bug 1090820 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1090820"
},
{
"category": "external",
"summary": "SUSE Bug 1090869 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1090869"
},
{
"category": "external",
"summary": "SUSE Bug 1092497 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1092497"
},
{
"category": "external",
"summary": "SUSE Bug 1093522 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1093522"
},
{
"category": "external",
"summary": "SUSE Bug 1093524 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1093524"
},
{
"category": "external",
"summary": "SUSE Bug 1098813 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1098813"
},
{
"category": "external",
"summary": "SUSE Bug 1100835 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1100835"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_114-94_11-default-4-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-11T08:39:58Z",
"details": "important"
}
],
"title": "CVE-2018-8897"
}
]
}
SUSE-SU-2018:1645-1
Vulnerability from csaf_suse - Published: 2018-06-11 08:38 - Updated: 2018-06-11 08:38Summary
Security update for the Linux Kernel (Live Patch 6 for SLE 12 SP3)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 6 for SLE 12 SP3)
Description of the patch: This update for the Linux Kernel 4.4.103-6_33 fixes several issues.
The following security issues were fixed:
- CVE-2017-13166: An elevation of privilege vulnerability in the kernel v4l2 video driver was fixed. (bsc#1085447).
- CVE-2018-8897: A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL < 3, the debug exception is delivered after the transfer to CPL < 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs (bsc#1090368).
- CVE-2018-8781: The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c had an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space (bsc#1090646).
- bsc#1083125: Fixed kgraft: small race in reversion code
- CVE-2018-1087: kernel KVM was vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged KVM guest user could use this flaw to crash the guest or, potentially, escalate their privileges in the guest (bsc#1090869)
before
Patchnames: SUSE-SLE-Live-Patching-12-SP3-2018-1107
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
37 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 6 for SLE 12 SP3)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.4.103-6_33 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2017-13166: An elevation of privilege vulnerability in the kernel v4l2 video driver was fixed. (bsc#1085447).\n- CVE-2018-8897: A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer\u0027s Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL \u003c 3, the debug exception is delivered after the transfer to CPL \u003c 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs (bsc#1090368).\n- CVE-2018-8781: The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c had an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space (bsc#1090646).\n- bsc#1083125: Fixed kgraft: small race in reversion code\n- CVE-2018-1087: kernel KVM was vulnerable to a flaw in the way the Linux kernel\u0027s KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged KVM guest user could use this flaw to crash the guest or, potentially, escalate their privileges in the guest (bsc#1090869)\nbefore\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Live-Patching-12-SP3-2018-1107",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1645-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:1645-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181645-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:1645-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-June/004179.html"
},
{
"category": "self",
"summary": "SUSE Bug 1083125",
"url": "https://bugzilla.suse.com/1083125"
},
{
"category": "self",
"summary": "SUSE Bug 1085447",
"url": "https://bugzilla.suse.com/1085447"
},
{
"category": "self",
"summary": "SUSE Bug 1090368",
"url": "https://bugzilla.suse.com/1090368"
},
{
"category": "self",
"summary": "SUSE Bug 1090646",
"url": "https://bugzilla.suse.com/1090646"
},
{
"category": "self",
"summary": "SUSE Bug 1090869",
"url": "https://bugzilla.suse.com/1090869"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13166 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13166/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1087 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1087/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-8781 page",
"url": "https://www.suse.com/security/cve/CVE-2018-8781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-8897 page",
"url": "https://www.suse.com/security/cve/CVE-2018-8897/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 6 for SLE 12 SP3)",
"tracking": {
"current_release_date": "2018-06-11T08:38:54Z",
"generator": {
"date": "2018-06-11T08:38:54Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:1645-1",
"initial_release_date": "2018-06-11T08:38:54Z",
"revision_history": [
{
"date": "2018-06-11T08:38:54Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_4_103-6_33-default-6-2.1.ppc64le",
"product": {
"name": "kgraft-patch-4_4_103-6_33-default-6-2.1.ppc64le",
"product_id": "kgraft-patch-4_4_103-6_33-default-6-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_4_103-6_33-default-6-2.1.x86_64",
"product": {
"name": "kgraft-patch-4_4_103-6_33-default-6-2.1.x86_64",
"product_id": "kgraft-patch-4_4_103-6_33-default-6-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_103-6_33-default-6-2.1.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.ppc64le"
},
"product_reference": "kgraft-patch-4_4_103-6_33-default-6-2.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_103-6_33-default-6-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_103-6_33-default-6-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-13166",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13166"
}
],
"notes": [
{
"category": "general",
"text": "An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13166",
"url": "https://www.suse.com/security/cve/CVE-2017-13166"
},
{
"category": "external",
"summary": "SUSE Bug 1072865 for CVE-2017-13166",
"url": "https://bugzilla.suse.com/1072865"
},
{
"category": "external",
"summary": "SUSE Bug 1085447 for CVE-2017-13166",
"url": "https://bugzilla.suse.com/1085447"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-13166",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-13166",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-11T08:38:54Z",
"details": "important"
}
],
"title": "CVE-2017-13166"
},
{
"cve": "CVE-2018-1087",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1087"
}
],
"notes": [
{
"category": "general",
"text": "kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel\u0027s KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged KVM guest user could use this flaw to crash the guest or, potentially, escalate their privileges in the guest.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1087",
"url": "https://www.suse.com/security/cve/CVE-2018-1087"
},
{
"category": "external",
"summary": "SUSE Bug 1087088 for CVE-2018-1087",
"url": "https://bugzilla.suse.com/1087088"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-11T08:38:54Z",
"details": "important"
}
],
"title": "CVE-2018-1087"
},
{
"cve": "CVE-2018-8781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-8781"
}
],
"notes": [
{
"category": "general",
"text": "The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-8781",
"url": "https://www.suse.com/security/cve/CVE-2018-8781"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1090643 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1090643"
},
{
"category": "external",
"summary": "SUSE Bug 1090646 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1090646"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-11T08:38:54Z",
"details": "important"
}
],
"title": "CVE-2018-8781"
},
{
"cve": "CVE-2018-8897",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-8897"
}
],
"notes": [
{
"category": "general",
"text": "A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer\u0027s Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL \u003c 3, the debug exception is delivered after the transfer to CPL \u003c 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-8897",
"url": "https://www.suse.com/security/cve/CVE-2018-8897"
},
{
"category": "external",
"summary": "SUSE Bug 1087078 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1087078"
},
{
"category": "external",
"summary": "SUSE Bug 1087088 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1087088"
},
{
"category": "external",
"summary": "SUSE Bug 1090368 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1090368"
},
{
"category": "external",
"summary": "SUSE Bug 1090820 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1090820"
},
{
"category": "external",
"summary": "SUSE Bug 1090869 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1090869"
},
{
"category": "external",
"summary": "SUSE Bug 1092497 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1092497"
},
{
"category": "external",
"summary": "SUSE Bug 1093522 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1093522"
},
{
"category": "external",
"summary": "SUSE Bug 1093524 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1093524"
},
{
"category": "external",
"summary": "SUSE Bug 1098813 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1098813"
},
{
"category": "external",
"summary": "SUSE Bug 1100835 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1100835"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_103-6_33-default-6-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-11T08:38:54Z",
"details": "important"
}
],
"title": "CVE-2018-8897"
}
]
}
SUSE-SU-2018:1648-1
Vulnerability from csaf_suse - Published: 2018-06-11 08:37 - Updated: 2018-06-11 08:37Summary
Security update for the Linux Kernel (Live Patch 4 for SLE 12 SP3)
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel (Live Patch 4 for SLE 12 SP3)
Description of the patch: This update for the Linux Kernel 4.4.90-6_12 fixes several issues.
The following security issues were fixed:
- CVE-2017-13166: An elevation of privilege vulnerability in the kernel v4l2 video driver was fixed. (bsc#1085447).
- CVE-2018-8897: A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL < 3, the debug exception is delivered after the transfer to CPL < 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs (bsc#1090368).
- CVE-2018-8781: The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c had an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space (bsc#1090646).
- bsc#1083125: Fixed kgraft: small race in reversion code
- CVE-2018-1087: kernel KVM was vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged KVM guest user could use this flaw to crash the guest or, potentially, escalate their privileges in the guest (bsc#1090869)
before
Patchnames: SUSE-SLE-Live-Patching-12-SP3-2018-1104
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_92-6_18-default-7-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_92-6_18-default-7-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_92-6_18-default-7-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_92-6_18-default-7-2.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
37 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel (Live Patch 4 for SLE 12 SP3)",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for the Linux Kernel 4.4.90-6_12 fixes several issues.\n\nThe following security issues were fixed:\n\n- CVE-2017-13166: An elevation of privilege vulnerability in the kernel v4l2 video driver was fixed. (bsc#1085447).\n- CVE-2018-8897: A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer\u0027s Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL \u003c 3, the debug exception is delivered after the transfer to CPL \u003c 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs (bsc#1090368).\n- CVE-2018-8781: The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c had an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space (bsc#1090646).\n- bsc#1083125: Fixed kgraft: small race in reversion code\n- CVE-2018-1087: kernel KVM was vulnerable to a flaw in the way the Linux kernel\u0027s KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged KVM guest user could use this flaw to crash the guest or, potentially, escalate their privileges in the guest (bsc#1090869)\nbefore\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Live-Patching-12-SP3-2018-1104",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1648-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:1648-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181648-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:1648-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-June/004180.html"
},
{
"category": "self",
"summary": "SUSE Bug 1083125",
"url": "https://bugzilla.suse.com/1083125"
},
{
"category": "self",
"summary": "SUSE Bug 1085447",
"url": "https://bugzilla.suse.com/1085447"
},
{
"category": "self",
"summary": "SUSE Bug 1090368",
"url": "https://bugzilla.suse.com/1090368"
},
{
"category": "self",
"summary": "SUSE Bug 1090646",
"url": "https://bugzilla.suse.com/1090646"
},
{
"category": "self",
"summary": "SUSE Bug 1090869",
"url": "https://bugzilla.suse.com/1090869"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13166 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13166/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1087 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1087/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-8781 page",
"url": "https://www.suse.com/security/cve/CVE-2018-8781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-8897 page",
"url": "https://www.suse.com/security/cve/CVE-2018-8897/"
}
],
"title": "Security update for the Linux Kernel (Live Patch 4 for SLE 12 SP3)",
"tracking": {
"current_release_date": "2018-06-11T08:37:19Z",
"generator": {
"date": "2018-06-11T08:37:19Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:1648-1",
"initial_release_date": "2018-06-11T08:37:19Z",
"revision_history": [
{
"date": "2018-06-11T08:37:19Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_4_92-6_18-default-7-2.1.x86_64",
"product": {
"name": "kgraft-patch-4_4_92-6_18-default-7-2.1.x86_64",
"product_id": "kgraft-patch-4_4_92-6_18-default-7-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_92-6_18-default-7-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_92-6_18-default-7-2.1.x86_64"
},
"product_reference": "kgraft-patch-4_4_92-6_18-default-7-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-13166",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13166"
}
],
"notes": [
{
"category": "general",
"text": "An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_92-6_18-default-7-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13166",
"url": "https://www.suse.com/security/cve/CVE-2017-13166"
},
{
"category": "external",
"summary": "SUSE Bug 1072865 for CVE-2017-13166",
"url": "https://bugzilla.suse.com/1072865"
},
{
"category": "external",
"summary": "SUSE Bug 1085447 for CVE-2017-13166",
"url": "https://bugzilla.suse.com/1085447"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-13166",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-13166",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_92-6_18-default-7-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_92-6_18-default-7-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-11T08:37:19Z",
"details": "important"
}
],
"title": "CVE-2017-13166"
},
{
"cve": "CVE-2018-1087",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1087"
}
],
"notes": [
{
"category": "general",
"text": "kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel\u0027s KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged KVM guest user could use this flaw to crash the guest or, potentially, escalate their privileges in the guest.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_92-6_18-default-7-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1087",
"url": "https://www.suse.com/security/cve/CVE-2018-1087"
},
{
"category": "external",
"summary": "SUSE Bug 1087088 for CVE-2018-1087",
"url": "https://bugzilla.suse.com/1087088"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_92-6_18-default-7-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_92-6_18-default-7-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-11T08:37:19Z",
"details": "important"
}
],
"title": "CVE-2018-1087"
},
{
"cve": "CVE-2018-8781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-8781"
}
],
"notes": [
{
"category": "general",
"text": "The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_92-6_18-default-7-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-8781",
"url": "https://www.suse.com/security/cve/CVE-2018-8781"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1090643 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1090643"
},
{
"category": "external",
"summary": "SUSE Bug 1090646 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1090646"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_92-6_18-default-7-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_92-6_18-default-7-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-11T08:37:19Z",
"details": "important"
}
],
"title": "CVE-2018-8781"
},
{
"cve": "CVE-2018-8897",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-8897"
}
],
"notes": [
{
"category": "general",
"text": "A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer\u0027s Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL \u003c 3, the debug exception is delivered after the transfer to CPL \u003c 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_92-6_18-default-7-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-8897",
"url": "https://www.suse.com/security/cve/CVE-2018-8897"
},
{
"category": "external",
"summary": "SUSE Bug 1087078 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1087078"
},
{
"category": "external",
"summary": "SUSE Bug 1087088 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1087088"
},
{
"category": "external",
"summary": "SUSE Bug 1090368 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1090368"
},
{
"category": "external",
"summary": "SUSE Bug 1090820 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1090820"
},
{
"category": "external",
"summary": "SUSE Bug 1090869 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1090869"
},
{
"category": "external",
"summary": "SUSE Bug 1092497 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1092497"
},
{
"category": "external",
"summary": "SUSE Bug 1093522 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1093522"
},
{
"category": "external",
"summary": "SUSE Bug 1093524 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1093524"
},
{
"category": "external",
"summary": "SUSE Bug 1098813 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1098813"
},
{
"category": "external",
"summary": "SUSE Bug 1100835 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1100835"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_92-6_18-default-7-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_92-6_18-default-7-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-06-11T08:37:19Z",
"details": "important"
}
],
"title": "CVE-2018-8897"
}
]
}
WID-SEC-W-2022-0532
Vulnerability from csaf_certbund - Published: 2018-05-01 22:00 - Updated: 2025-04-14 22:00Summary
Linux Kernel: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Debian ist eine Linux-Distribution, die ausschließlich Freie Software enthält.
Oracle Linux ist ein Open Source Betriebssystem, welches unter der GNU General Public License (GPL) verfügbar ist.
Der Kernel stellt den Kern des Linux Betriebssystems dar.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuführen, einen Denial of Service Angriff durchzuführen, Sicherheitsmechanismen zu umgehen, vertrauliche Daten einzusehen oder seine Privilegien zu erweitern.
Betroffene Betriebssysteme: - Appliance
- Linux
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
Affected products
Known affected
15 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle VM
Oracle
|
cpe:/a:oracle:vm:-
|
— | |
|
Avaya Aura Experience Portal
Avaya
|
cpe:/a:avaya:aura_experience_portal:-
|
— | |
|
Avaya Aura System Manager
Avaya
|
cpe:/a:avaya:aura_system_manager:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Avaya Aura Application Enablement Services
Avaya
|
cpe:/a:avaya:aura_application_enablement_services:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— | |
|
Avaya Aura Session Manager
Avaya
|
cpe:/a:avaya:session_manager:-
|
— | |
|
Avaya Aura Communication Manager
Avaya
|
cpe:/a:avaya:communication_manager:-
|
— | |
|
Oracle Linux 6
Oracle / Linux
|
cpe:/o:oracle:linux:6
|
6 | |
|
Oracle Linux 5
Oracle / Linux
|
cpe:/o:oracle:linux:5
|
5 | |
|
Oracle Linux
Oracle / Linux
|
cpe:/o:oracle:linux:-
|
— | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Oracle Linux 7
Oracle / Linux
|
cpe:/o:oracle:linux:7
|
7 |
References
259 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Debian ist eine Linux-Distribution, die ausschlie\u00dflich Freie Software enth\u00e4lt.\r\nOracle Linux ist ein Open Source Betriebssystem, welches unter der GNU General Public License (GPL) verf\u00fcgbar ist.\r\nDer Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um beliebigen Programmcode mit Administratorrechten auszuf\u00fchren, einen Denial of Service Angriff durchzuf\u00fchren, Sicherheitsmechanismen zu umgehen, vertrauliche Daten einzusehen oder seine Privilegien zu erweitern.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Appliance\n- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2022-0532 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2018/wid-sec-w-2022-0532.json"
},
{
"category": "self",
"summary": "WID-SEC-2022-0532 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0532"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-4187-1 vom 2018-05-01",
"url": "https://www.debian.org/security/2018/dsa-4187"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-4188-1 vom 2018-05-01",
"url": "https://www.debian.org/security/2018/dsa-4188"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4088 vom 2018-05-01",
"url": "https://linux.oracle.com/errata/ELSA-2018-4088.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4087 vom 2018-05-01",
"url": "https://linux.oracle.com/errata/ELSA-2018-4087.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4089 vom 2018-05-02",
"url": "http://linux.oracle.com/errata/ELSA-2018-4089.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1173-1 vom 2018-05-09",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181173-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1172-1 vom 2018-05-09",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181172-1.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:1318 vom 2018-05-09",
"url": "http://www.auscert.org.au/bulletins/62478"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:1355 vom 2018-05-09",
"url": "https://access.redhat.com/errata/RHSA-2018:1355"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-1318 vom 2018-05-09",
"url": "http://linux.oracle.com/errata/ELSA-2018-1318.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1217-1 vom 2018-05-11",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181217-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1238-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181238-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1225-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181225-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1240-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181240-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1230-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181230-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1223-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181223-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1228-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181228-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1236-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181236-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1239-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181239-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1231-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181231-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1229-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181229-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1237-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181237-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1232-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181232-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1227-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181227-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1234-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181234-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1233-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181233-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1226-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181226-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1235-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181235-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1222-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181222-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1224-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181224-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1263-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181263-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1221-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181221-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1220-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181220-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1249-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181249-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1246-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181246-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1252-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181252-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1260-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181260-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1270-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181270-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1262-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181262-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1242-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181242-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1268-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181268-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1248-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181248-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1258-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181258-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1272-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181272-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1250-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181250-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1253-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181253-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1241-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181241-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1259-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181259-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1256-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181256-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1245-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181245-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1264-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181264-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1254-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181254-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1266-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181266-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1269-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181269-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1251-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181251-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1255-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181255-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1273-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181273-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1243-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181243-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1244-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181244-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1261-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181261-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1267-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181267-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1247-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181247-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1257-1 vom 2018-05-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181257-1.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:1374 vom 2018-05-16",
"url": "https://access.redhat.com/errata/RHSA-2018:1374"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1309-1 vom 2018-05-17",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181309-1.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-1629 vom 2018-05-22",
"url": "http://linux.oracle.com/errata/ELSA-2018-1629.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4114 vom 2018-05-23",
"url": "http://linux.oracle.com/errata/ELSA-2018-4114.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1366-1 vom 2018-05-23",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181366-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1375-1 vom 2018-05-23",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181375-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1376-1 vom 2018-05-23",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181376-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1386-1 vom 2018-05-23",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181386-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1368-1 vom 2018-05-23",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181368-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1374-1 vom 2018-05-23",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181374-1.html"
},
{
"category": "external",
"summary": "Oraclevm-errata OVMSA-2018-0223 vom 2018-05-23",
"url": "https://oss.oracle.com/pipermail/oraclevm-errata/2018-May/000858.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1465-1 vom 2018-05-30",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181465-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1498-1 vom 2018-06-05",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181498-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1508-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181508-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1551-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181551-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1525-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181525-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1536-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181536-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1511-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181511-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1545-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181545-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1522-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181522-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1530-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181530-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1534-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181534-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1524-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181524-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1505-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181505-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1510-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181510-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1516-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181516-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1523-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181523-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1532-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181532-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1531-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181531-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1521-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181521-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1518-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181518-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1506-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181506-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1548-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181548-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1514-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181514-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1541-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181541-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1546-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181546-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1519-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181519-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1509-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181509-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1528-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181528-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1537-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181537-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1513-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181513-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1512-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181512-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1538-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181538-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1517-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181517-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1535-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181535-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1529-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181529-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1549-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181549-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1540-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181540-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1520-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181520-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1526-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181526-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1533-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181533-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1539-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181539-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1543-1 vom 2018-06-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181543-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1571-1 vom 2018-06-07",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181571-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1570-1 vom 2018-06-07",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181570-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1567-1 vom 2018-06-07",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181567-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1636-1 vom 2018-06-11",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181636-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1644-1 vom 2018-06-11",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181644-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1639-1 vom 2018-06-11",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181639-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1645-1 vom 2018-06-11",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181645-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1641-1 vom 2018-06-11",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181641-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1640-1 vom 2018-06-11",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181640-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1637-1 vom 2018-06-11",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181637-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1648-1 vom 2018-06-11",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181648-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1642-1 vom 2018-06-11",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181642-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1643-1 vom 2018-06-11",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181643-1.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4145 vom 2018-06-16",
"url": "http://linux.oracle.com/errata/ELSA-2018-4145.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4134 vom 2018-06-16",
"url": "http://linux.oracle.com/errata/ELSA-2018-4134.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory",
"url": "https://access.redhat.com/errata/RHSA-2018:1854"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1762-1 vom 2018-06-20",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181762-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1761-1 vom 2018-06-20",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181761-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1772-1 vom 2018-06-21",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181772-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:1816-1 vom 2018-06-26",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181816-1.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-1854 vom 2018-06-26",
"url": "http://linux.oracle.com/errata/ELSA-2018-1854.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3698-1 vom 2018-07-03",
"url": "http://www.ubuntu.com/usn/usn-3698-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3697-1 vom 2018-07-03",
"url": "http://www.ubuntu.com/usn/usn-3697-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3696-1 vom 2018-07-03",
"url": "http://www.ubuntu.com/usn/usn-3696-2"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4161 vom 2018-07-10",
"url": "http://linux.oracle.com/errata/ELSA-2018-4161.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4164 vom 2018-07-11",
"url": "http://linux.oracle.com/errata/ELSA-2018-4164.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-2162 vom 2018-07-11",
"url": "http://linux.oracle.com/errata/ELSA-2018-2162.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2082-1 vom 2018-07-28",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182082-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2092-1 vom 2018-07-28",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182092-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2150-1 vom 2018-08-01",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182150-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2222-1 vom 2018-08-07",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182222-1.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4193 vom 2018-08-10",
"url": "http://linux.oracle.com/errata/ELSA-2018-4193.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-2384 vom 2018-08-15",
"url": "http://linux.oracle.com/errata/ELSA-2018-2384.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-2390 vom 2018-08-15",
"url": "http://linux.oracle.com/errata/ELSA-2018-2390.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2390 vom 2018-08-14",
"url": "http://rhn.redhat.com/errata/RHSA-2018-2390.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2384 vom 2018-08-14",
"url": "http://rhn.redhat.com/errata/RHSA-2018-2384.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2384 vom 2018-08-15",
"url": "https://access.redhat.com/errata/RHSA-2018:2384"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2387 vom 2018-08-15",
"url": "https://access.redhat.com/errata/RHSA-2018:2387"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2388 vom 2018-08-15",
"url": "https://access.redhat.com/errata/RHSA-2018:2388"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2390 vom 2018-08-15",
"url": "https://access.redhat.com/errata/RHSA-2018:2390"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2389 vom 2018-08-15",
"url": "https://access.redhat.com/errata/RHSA-2018:2389"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2395 vom 2018-08-15",
"url": "https://access.redhat.com/errata/RHSA-2018:2395"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2391 vom 2018-08-15",
"url": "https://access.redhat.com/errata/RHSA-2018:2391"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2392 vom 2018-08-15",
"url": "https://access.redhat.com/errata/RHSA-2018:2392"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2393 vom 2018-08-15",
"url": "https://access.redhat.com/errata/RHSA-2018:2393"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2394 vom 2018-08-15",
"url": "https://access.redhat.com/errata/RHSA-2018:2394"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2396 vom 2018-08-15",
"url": "https://access.redhat.com/errata/RHSA-2018:2396"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2332-1 vom 2018-08-15",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182332-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2366-1 vom 2018-08-16",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182366-1.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4200 vom 2018-08-17",
"url": "http://linux.oracle.com/errata/ELSA-2018-4200.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2637-1 vom 2018-09-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182637-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:2631-1 vom 2018-09-06",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20182631-1.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4211 vom 2018-09-10",
"url": "http://linux.oracle.com/errata/ELSA-2018-4211.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-4308 vom 2018-10-01",
"url": "https://www.debian.org/security/2018/dsa-4308"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:3003-1 vom 2018-10-04",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183003-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:3004-1 vom 2018-10-04",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183004-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:3084-1 vom 2018-10-09",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183084-1.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4242 vom 2018-10-10",
"url": "http://linux.oracle.com/errata/ELSA-2018-4242.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4245 vom 2018-10-11",
"url": "http://linux.oracle.com/errata/ELSA-2018-4245.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4250 vom 2018-10-13",
"url": "http://linux.oracle.com/errata/ELSA-2018-4250.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:2948 vom 2018-10-31",
"url": "https://access.redhat.com/errata/RHSA-2018:2948"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:3096 vom 2018-10-31",
"url": "https://access.redhat.com/errata/RHSA-2018:3096"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2018:3083 vom 2018-10-31",
"url": "https://access.redhat.com/errata/RHSA-2018:3083"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:3589-1 vom 2018-11-01",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183589-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:3593-1 vom 2018-11-01",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183593-1.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-3083 vom 2018-11-06",
"url": "http://linux.oracle.com/errata/ELSA-2018-3083.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:3659-1 vom 2018-11-08",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183659-1.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4268 vom 2018-11-08",
"url": "http://linux.oracle.com/errata/ELSA-2018-4268.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4269 vom 2018-11-08",
"url": "http://linux.oracle.com/errata/ELSA-2018-4269.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4285 vom 2018-11-21",
"url": "http://linux.oracle.com/errata/ELSA-2018-4285.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:3934-1 vom 2018-11-29",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183934-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:3961-1 vom 2018-12-01",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183961-1.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4301 vom 2018-12-10",
"url": "http://linux.oracle.com/errata/ELSA-2018-4301.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2018-4304 vom 2018-12-12",
"url": "http://linux.oracle.com/errata/ELSA-2018-4304.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:4069-1 vom 2018-12-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20184069-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2018:4072-1 vom 2018-12-12",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20184072-1.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-4315 vom 2019-01-03",
"url": "http://linux.oracle.com/errata/ELSA-2019-4315.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-4316 vom 2019-01-04",
"url": "http://linux.oracle.com/errata/ELSA-2019-4316.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-4317 vom 2019-01-05",
"url": "http://linux.oracle.com/errata/ELSA-2019-4317.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:0095-1 vom 2019-01-16",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20190095-1.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3880-2 vom 2019-02-05",
"url": "https://usn.ubuntu.com/3880-2/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3910-1 vom 2019-03-16",
"url": "https://usn.ubuntu.com/3910-1/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-3910-1 vom 2019-03-16",
"url": "https://usn.ubuntu.com/3910-2/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:0641 vom 2019-03-26",
"url": "https://access.redhat.com/errata/RHSA-2019:0641"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-4596 vom 2019-04-01",
"url": "http://linux.oracle.com/errata/ELSA-2019-4596.html"
},
{
"category": "external",
"summary": "ORACLE OVMSA-2019-0014 vom 2019-05-03",
"url": "https://oss.oracle.com/pipermail/oraclevm-errata/2019-May/000936.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:1190 vom 2019-05-15",
"url": "https://access.redhat.com/errata/RHSA-2019:1190"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:1170 vom 2019-05-15",
"url": "https://access.redhat.com/errata/RHSA-2019:1170"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:1487 vom 2019-06-18",
"url": "https://access.redhat.com/errata/RHSA-2019:1487"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:1483 vom 2019-06-18",
"url": "https://access.redhat.com/errata/RHSA-2019:1483"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:2029 vom 2019-08-06",
"url": "https://access.redhat.com/errata/RHSA-2019:2029"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:2043 vom 2019-08-06",
"url": "https://access.redhat.com/errata/RHSA-2019:2043"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-4742 vom 2019-08-10",
"url": "http://linux.oracle.com/errata/ELSA-2019-4742.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2019-2029 vom 2019-08-14",
"url": "http://linux.oracle.com/errata/ELSA-2019-2029.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:2430-1 vom 2019-09-23",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192430-1.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2019:2450-1 vom 2019-09-24",
"url": "https://www.suse.com/support/update/announcement/2019/suse-su-20192450-1.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4163-1 vom 2019-10-22",
"url": "https://usn.ubuntu.com/4163-1/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4163-2 vom 2019-10-23",
"url": "https://usn.ubuntu.com/4163-2/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:4154 vom 2019-12-10",
"url": "https://access.redhat.com/errata/RHSA-2019:4154"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2019:4159 vom 2019-12-10",
"url": "https://access.redhat.com/errata/RHSA-2019:4159"
},
{
"category": "external",
"summary": "AVAYA Security Advisory ASA-2018-252 vom 2020-01-07",
"url": "https://downloads.avaya.com/css/P8/documents/101051981"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2020:0036 vom 2020-01-07",
"url": "https://access.redhat.com/errata/RHSA-2020:0036"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA 2148 vom 2020-04-01",
"url": "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202003/msg00025.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1587-1 vom 2020-06-10",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006912.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1603-1 vom 2020-06-11",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006927.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1599-1 vom 2020-06-10",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006921.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1602-1 vom 2020-06-11",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006932.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1604-1 vom 2020-06-11",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006931.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1602-1 vom 2020-06-11",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006928.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1599-1 vom 2020-06-10",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006924.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1605-1 vom 2020-06-11",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006930.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1605-1 vom 2020-06-11",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006929.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1671-1 vom 2020-06-18",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006966.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1656-1 vom 2020-06-18",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006977.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1663-1 vom 2020-06-18",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006971.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1646-1 vom 2020-06-18",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/006970.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1754-1 vom 2020-06-26",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/007033.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1758-1 vom 2020-06-26",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/007031.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:1775-1 vom 2020-06-26",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-June/007036.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:2156-1 vom 2020-08-07",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-August/007238.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-2323 vom 2020-08-12",
"url": "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202008/msg00019.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-4486-1 vom 2020-09-02",
"url": "https://usn.ubuntu.com/4486-1/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:2478-1 vom 2020-09-03",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-September/007345.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2020:2487-1 vom 2020-09-04",
"url": "http://lists.suse.com/pipermail/sle-security-updates/2020-September/007352.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2861-1 vom 2021-08-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-August/009366.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2021:2862-1 vom 2021-08-27",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2021-August/009367.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2021-9473 vom 2021-10-08",
"url": "http://linux.oracle.com/errata/ELSA-2021-9473.html"
},
{
"category": "external",
"summary": "ORACLE OVMSA-2021-0035 vom 2021-10-12",
"url": "https://oss.oracle.com/pipermail/oraclevm-errata/2021-October/001033.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:1988 vom 2022-05-10",
"url": "https://access.redhat.com/errata/RHSA-2022:1988"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2022:1975 vom 2022-05-10",
"url": "https://access.redhat.com/errata/RHSA-2022:1975"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-3065 vom 2022-07-01",
"url": "https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2022-9969 vom 2022-11-01",
"url": "https://linux.oracle.com/errata/ELSA-2022-9969.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:1848-1 vom 2023-04-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-April/014466.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:1897-1 vom 2023-04-18",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-April/014485.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:1992-1 vom 2023-04-25",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-April/014572.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:2232-1 vom 2023-05-17",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-May/014918.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1176-1 vom 2025-04-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020671.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1183-1 vom 2025-04-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020678.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1195-1 vom 2025-04-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020680.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1194-1 vom 2025-04-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020681.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:1241-1 vom 2025-04-14",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-April/020694.html"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-04-14T22:00:00.000+00:00",
"generator": {
"date": "2025-04-15T11:13:48.454+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2022-0532",
"initial_release_date": "2018-05-01T22:00:00.000+00:00",
"revision_history": [
{
"date": "2018-05-01T22:00:00.000+00:00",
"number": "1",
"summary": "Initial Release"
},
{
"date": "2018-05-01T22:00:00.000+00:00",
"number": "2",
"summary": "Version nicht vorhanden"
},
{
"date": "2018-05-02T22:00:00.000+00:00",
"number": "3",
"summary": "New remediations available"
},
{
"date": "2018-05-08T22:00:00.000+00:00",
"number": "4",
"summary": "New remediations available"
},
{
"date": "2018-05-10T22:00:00.000+00:00",
"number": "5",
"summary": "New remediations available"
},
{
"date": "2018-05-13T22:00:00.000+00:00",
"number": "6",
"summary": "New remediations available"
},
{
"date": "2018-05-15T22:00:00.000+00:00",
"number": "7",
"summary": "New remediations available"
},
{
"date": "2018-05-16T22:00:00.000+00:00",
"number": "8",
"summary": "New remediations available"
},
{
"date": "2018-05-21T22:00:00.000+00:00",
"number": "9",
"summary": "New remediations available"
},
{
"date": "2018-05-22T22:00:00.000+00:00",
"number": "10",
"summary": "New remediations available"
},
{
"date": "2018-05-23T22:00:00.000+00:00",
"number": "11",
"summary": "New remediations available"
},
{
"date": "2018-05-23T22:00:00.000+00:00",
"number": "12",
"summary": "New remediations available"
},
{
"date": "2018-05-23T22:00:00.000+00:00",
"number": "13",
"summary": "Version nicht vorhanden"
},
{
"date": "2018-05-29T22:00:00.000+00:00",
"number": "14",
"summary": "New remediations available"
},
{
"date": "2018-06-05T22:00:00.000+00:00",
"number": "15",
"summary": "New remediations available"
},
{
"date": "2018-06-06T22:00:00.000+00:00",
"number": "16",
"summary": "New remediations available"
},
{
"date": "2018-06-07T22:00:00.000+00:00",
"number": "17",
"summary": "New remediations available"
},
{
"date": "2018-06-11T22:00:00.000+00:00",
"number": "18",
"summary": "New remediations available"
},
{
"date": "2018-06-17T22:00:00.000+00:00",
"number": "19",
"summary": "New remediations available"
},
{
"date": "2018-06-18T22:00:00.000+00:00",
"number": "20",
"summary": "New remediations available"
},
{
"date": "2018-06-19T22:00:00.000+00:00",
"number": "21",
"summary": "Added references"
},
{
"date": "2018-06-21T22:00:00.000+00:00",
"number": "22",
"summary": "New remediations available"
},
{
"date": "2018-06-24T22:00:00.000+00:00",
"number": "23",
"summary": "Added references"
},
{
"date": "2018-06-27T22:00:00.000+00:00",
"number": "24",
"summary": "Added references"
},
{
"date": "2018-07-10T22:00:00.000+00:00",
"number": "25",
"summary": "New remediations available"
},
{
"date": "2018-07-29T22:00:00.000+00:00",
"number": "26",
"summary": "New remediations available"
},
{
"date": "2018-08-01T22:00:00.000+00:00",
"number": "27",
"summary": "New remediations available"
},
{
"date": "2018-08-06T22:00:00.000+00:00",
"number": "28",
"summary": "New remediations available"
},
{
"date": "2018-08-09T22:00:00.000+00:00",
"number": "29",
"summary": "New remediations available"
},
{
"date": "2018-08-14T22:00:00.000+00:00",
"number": "30",
"summary": "New remediations available"
},
{
"date": "2018-08-14T22:00:00.000+00:00",
"number": "31",
"summary": "New remediations available"
},
{
"date": "2018-08-15T22:00:00.000+00:00",
"number": "32",
"summary": "New remediations available"
},
{
"date": "2018-08-16T22:00:00.000+00:00",
"number": "33",
"summary": "New remediations available"
},
{
"date": "2018-08-16T22:00:00.000+00:00",
"number": "34",
"summary": "Version nicht vorhanden"
},
{
"date": "2018-08-16T22:00:00.000+00:00",
"number": "35",
"summary": "Version nicht vorhanden"
},
{
"date": "2018-08-27T22:00:00.000+00:00",
"number": "36",
"summary": "Added references"
},
{
"date": "2018-09-06T22:00:00.000+00:00",
"number": "37",
"summary": "New remediations available"
},
{
"date": "2018-09-10T22:00:00.000+00:00",
"number": "38",
"summary": "New remediations available"
},
{
"date": "2018-10-01T22:00:00.000+00:00",
"number": "39",
"summary": "New remediations available"
},
{
"date": "2018-10-04T22:00:00.000+00:00",
"number": "40",
"summary": "New remediations available"
},
{
"date": "2018-10-09T22:00:00.000+00:00",
"number": "41",
"summary": "New remediations available"
},
{
"date": "2018-10-10T22:00:00.000+00:00",
"number": "42",
"summary": "New remediations available"
},
{
"date": "2018-10-14T22:00:00.000+00:00",
"number": "43",
"summary": "New remediations available"
},
{
"date": "2018-10-30T23:00:00.000+00:00",
"number": "44",
"summary": "New remediations available"
},
{
"date": "2018-10-31T23:00:00.000+00:00",
"number": "45",
"summary": "New remediations available"
},
{
"date": "2018-11-05T23:00:00.000+00:00",
"number": "46",
"summary": "New remediations available"
},
{
"date": "2018-11-07T23:00:00.000+00:00",
"number": "47",
"summary": "New remediations available"
},
{
"date": "2018-11-08T23:00:00.000+00:00",
"number": "48",
"summary": "New remediations available"
},
{
"date": "2018-11-20T23:00:00.000+00:00",
"number": "49",
"summary": "New remediations available"
},
{
"date": "2018-11-28T23:00:00.000+00:00",
"number": "50",
"summary": "New remediations available"
},
{
"date": "2018-12-02T23:00:00.000+00:00",
"number": "51",
"summary": "New remediations available"
},
{
"date": "2018-12-03T23:00:00.000+00:00",
"number": "52",
"summary": "Minor corrections"
},
{
"date": "2018-12-09T23:00:00.000+00:00",
"number": "53",
"summary": "New remediations available"
},
{
"date": "2018-12-11T23:00:00.000+00:00",
"number": "54",
"summary": "New remediations available"
},
{
"date": "2018-12-12T23:00:00.000+00:00",
"number": "55",
"summary": "New remediations available"
},
{
"date": "2019-01-03T23:00:00.000+00:00",
"number": "56",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2019-01-06T23:00:00.000+00:00",
"number": "57",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2019-01-15T23:00:00.000+00:00",
"number": "58",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-02-04T23:00:00.000+00:00",
"number": "59",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2019-03-17T23:00:00.000+00:00",
"number": "60",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2019-03-25T23:00:00.000+00:00",
"number": "61",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2019-03-31T22:00:00.000+00:00",
"number": "62",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2019-05-05T22:00:00.000+00:00",
"number": "63",
"summary": "Neue Updates von ORACLE aufgenommen"
},
{
"date": "2019-05-15T22:00:00.000+00:00",
"number": "64",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2019-06-17T22:00:00.000+00:00",
"number": "65",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2019-08-06T22:00:00.000+00:00",
"number": "66",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2019-08-11T22:00:00.000+00:00",
"number": "67",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2019-08-13T22:00:00.000+00:00",
"number": "68",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2019-09-23T22:00:00.000+00:00",
"number": "69",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-09-24T22:00:00.000+00:00",
"number": "70",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2019-10-21T22:00:00.000+00:00",
"number": "71",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2019-10-22T22:00:00.000+00:00",
"number": "72",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2019-12-09T23:00:00.000+00:00",
"number": "73",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2019-12-09T23:00:00.000+00:00",
"number": "74",
"summary": "Version nicht vorhanden"
},
{
"date": "2020-01-06T23:00:00.000+00:00",
"number": "75",
"summary": "Neue Updates von AVAYA aufgenommen"
},
{
"date": "2020-01-07T23:00:00.000+00:00",
"number": "76",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2020-04-01T22:00:00.000+00:00",
"number": "77",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2020-06-09T22:00:00.000+00:00",
"number": "78",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2020-06-11T22:00:00.000+00:00",
"number": "79",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2020-06-18T22:00:00.000+00:00",
"number": "80",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2020-06-25T22:00:00.000+00:00",
"number": "81",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2020-08-06T22:00:00.000+00:00",
"number": "82",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2020-08-12T22:00:00.000+00:00",
"number": "83",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2020-09-01T22:00:00.000+00:00",
"number": "84",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2020-09-03T22:00:00.000+00:00",
"number": "85",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2020-09-06T22:00:00.000+00:00",
"number": "86",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2021-08-29T22:00:00.000+00:00",
"number": "87",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2021-10-10T22:00:00.000+00:00",
"number": "88",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2021-10-11T22:00:00.000+00:00",
"number": "89",
"summary": "Neue Updates von ORACLE aufgenommen"
},
{
"date": "2022-05-10T22:00:00.000+00:00",
"number": "90",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2022-07-03T22:00:00.000+00:00",
"number": "91",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2022-11-01T23:00:00.000+00:00",
"number": "92",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2023-04-16T22:00:00.000+00:00",
"number": "93",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-04-18T22:00:00.000+00:00",
"number": "94",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-04-24T22:00:00.000+00:00",
"number": "95",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-05-18T22:00:00.000+00:00",
"number": "96",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-04-08T22:00:00.000+00:00",
"number": "97",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-04-09T22:00:00.000+00:00",
"number": "98",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-04-10T22:00:00.000+00:00",
"number": "99",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-04-14T22:00:00.000+00:00",
"number": "100",
"summary": "Neue Updates von SUSE aufgenommen"
}
],
"status": "final",
"version": "100"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Avaya Aura Application Enablement Services",
"product": {
"name": "Avaya Aura Application Enablement Services",
"product_id": "T015516",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_application_enablement_services:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Communication Manager",
"product": {
"name": "Avaya Aura Communication Manager",
"product_id": "T015126",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:communication_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Experience Portal",
"product": {
"name": "Avaya Aura Experience Portal",
"product_id": "T015519",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_experience_portal:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura Session Manager",
"product": {
"name": "Avaya Aura Session Manager",
"product_id": "T015127",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:session_manager:-"
}
}
},
{
"category": "product_name",
"name": "Avaya Aura System Manager",
"product": {
"name": "Avaya Aura System Manager",
"product_id": "T015518",
"product_identification_helper": {
"cpe": "cpe:/a:avaya:aura_system_manager:-"
}
}
}
],
"category": "vendor",
"name": "Avaya"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Linux Kernel",
"product": {
"name": "Open Source Linux Kernel",
"product_id": "6368",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "7",
"product": {
"name": "Oracle Linux 7",
"product_id": "287065",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:7"
}
}
},
{
"category": "product_version",
"name": "6",
"product": {
"name": "Oracle Linux 6",
"product_id": "T002988",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:6"
}
}
},
{
"category": "product_version",
"name": "5",
"product": {
"name": "Oracle Linux 5",
"product_id": "T003616",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:5"
}
}
},
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "product_name",
"name": "Linux"
},
{
"category": "product_name",
"name": "Oracle VM",
"product": {
"name": "Oracle VM",
"product_id": "T011119",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:vm:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9016",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2015-9016"
},
{
"cve": "CVE-2017-0861",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-0861"
},
{
"cve": "CVE-2017-13166",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-13166"
},
{
"cve": "CVE-2017-13220",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-13220"
},
{
"cve": "CVE-2017-16526",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-16526"
},
{
"cve": "CVE-2017-16911",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-16911"
},
{
"cve": "CVE-2017-16912",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-16912"
},
{
"cve": "CVE-2017-16913",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-16913"
},
{
"cve": "CVE-2017-16914",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-16914"
},
{
"cve": "CVE-2017-17975",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-17975"
},
{
"cve": "CVE-2017-18017",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-18017"
},
{
"cve": "CVE-2017-18193",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-18193"
},
{
"cve": "CVE-2017-18203",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-18203"
},
{
"cve": "CVE-2017-18216",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-18216"
},
{
"cve": "CVE-2017-18218",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-18218"
},
{
"cve": "CVE-2017-18222",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-18222"
},
{
"cve": "CVE-2017-18224",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-18224"
},
{
"cve": "CVE-2017-18232",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-18232"
},
{
"cve": "CVE-2017-18241",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-18241"
},
{
"cve": "CVE-2017-18257",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-18257"
},
{
"cve": "CVE-2017-5715",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-5715"
},
{
"cve": "CVE-2017-5753",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2017-5753"
},
{
"cve": "CVE-2018-1000004",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-1000004"
},
{
"cve": "CVE-2018-1000199",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-1000199"
},
{
"cve": "CVE-2018-10323",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-10323"
},
{
"cve": "CVE-2018-1065",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-1065"
},
{
"cve": "CVE-2018-1066",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-1066"
},
{
"cve": "CVE-2018-1068",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-1068"
},
{
"cve": "CVE-2018-1092",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-1092"
},
{
"cve": "CVE-2018-1093",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-1093"
},
{
"cve": "CVE-2018-1108",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-1108"
},
{
"cve": "CVE-2018-5332",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-5332"
},
{
"cve": "CVE-2018-5333",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-5333"
},
{
"cve": "CVE-2018-5750",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-5750"
},
{
"cve": "CVE-2018-5803",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-5803"
},
{
"cve": "CVE-2018-6927",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-6927"
},
{
"cve": "CVE-2018-7480",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-7480"
},
{
"cve": "CVE-2018-7492",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-7492"
},
{
"cve": "CVE-2018-7566",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-7566"
},
{
"cve": "CVE-2018-7740",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-7740"
},
{
"cve": "CVE-2018-7757",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-7757"
},
{
"cve": "CVE-2018-7995",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-7995"
},
{
"cve": "CVE-2018-8087",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-8087"
},
{
"cve": "CVE-2018-8781",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-8781"
},
{
"cve": "CVE-2018-8822",
"product_status": {
"known_affected": [
"T011119",
"T015519",
"T015518",
"67646",
"T015516",
"6368",
"T015127",
"T015126",
"T002988",
"T003616",
"T004914",
"2951",
"T002207",
"T000126",
"287065"
]
},
"release_date": "2018-05-01T22:00:00.000+00:00",
"title": "CVE-2018-8822"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…