Vulnerability-Lookup

CVE-2017-2636 (GCVE-0-2017-2636)

Vulnerability from cvelistv5 – Published: 2017-03-07 22:00 – Updated: 2024-08-05 14:02

Summary

Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.

Severity

7.0 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

Assigner

redhat

References

16 references

URL	Tags
https://access.redhat.com/errata/RHSA-2017:0892	vendor-advisoryx_refsource_REDHAT
http://www.securityfocus.com/bid/96732	vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1037963	vdb-entryx_refsource_SECTRACK
https://access.redhat.com/errata/RHSA-2017:0932	vendor-advisoryx_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2017/03/07/6	mailing-listx_refsource_MLIST
https://bugzilla.redhat.com/show_bug.cgi?id=1428319	x_refsource_CONFIRM
https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2…	x_refsource_MISC
https://access.redhat.com/errata/RHSA-2017:1125	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:0933	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:1232	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:0931	vendor-advisoryx_refsource_REDHAT
http://www.debian.org/security/2017/dsa-3804	vendor-advisoryx_refsource_DEBIAN
https://access.redhat.com/errata/RHSA-2017:1233	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:1488	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:0986	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:1126	vendor-advisoryx_refsource_REDHAT

Date Public

2017-02-28 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T14:02:06.961Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2017:0892",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:0892"
          },
          {
            "name": "96732",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/96732"
          },
          {
            "name": "1037963",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1037963"
          },
          {
            "name": "RHSA-2017:0932",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:0932"
          },
          {
            "name": "[oss-security] 20170307 Linux kernel: CVE-2017-2636: local privilege escalation flaw in n_hdlc",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2017/03/07/6"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428319"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html"
          },
          {
            "name": "RHSA-2017:1125",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1125"
          },
          {
            "name": "RHSA-2017:0933",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:0933"
          },
          {
            "name": "RHSA-2017:1232",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1232"
          },
          {
            "name": "RHSA-2017:0931",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:0931"
          },
          {
            "name": "DSA-3804",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2017/dsa-3804"
          },
          {
            "name": "RHSA-2017:1233",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1233"
          },
          {
            "name": "RHSA-2017:1488",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1488"
          },
          {
            "name": "RHSA-2017:0986",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:0986"
          },
          {
            "name": "RHSA-2017:1126",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:1126"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-02-28T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-01-04T19:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2017:0892",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:0892"
        },
        {
          "name": "96732",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/96732"
        },
        {
          "name": "1037963",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1037963"
        },
        {
          "name": "RHSA-2017:0932",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:0932"
        },
        {
          "name": "[oss-security] 20170307 Linux kernel: CVE-2017-2636: local privilege escalation flaw in n_hdlc",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2017/03/07/6"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1428319"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html"
        },
        {
          "name": "RHSA-2017:1125",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1125"
        },
        {
          "name": "RHSA-2017:0933",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:0933"
        },
        {
          "name": "RHSA-2017:1232",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1232"
        },
        {
          "name": "RHSA-2017:0931",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:0931"
        },
        {
          "name": "DSA-3804",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2017/dsa-3804"
        },
        {
          "name": "RHSA-2017:1233",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1233"
        },
        {
          "name": "RHSA-2017:1488",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1488"
        },
        {
          "name": "RHSA-2017:0986",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:0986"
        },
        {
          "name": "RHSA-2017:1126",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:1126"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2017-2636",
    "datePublished": "2017-03-07T22:00:00.000Z",
    "dateReserved": "2016-12-01T00:00:00.000Z",
    "dateUpdated": "2024-08-05T14:02:06.961Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2017-2636",
      "date": "2026-06-03",
      "epss": "0.00518",
      "percentile": "0.67074"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.6.31\", \"versionEndExcluding\": \"3.2.87\", \"matchCriteriaId\": \"ED857DA5-6E36-4284-B8E7-6F7C9E91BA56\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.3\", \"versionEndExcluding\": \"3.10.106\", \"matchCriteriaId\": \"3116EF11-56E7-4D40-9FD0-6109280D0247\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.11\", \"versionEndExcluding\": \"3.12.72\", \"matchCriteriaId\": \"64196781-237D-42CA-BF7F-AD55DE12D30F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.13\", \"versionEndExcluding\": \"3.16.42\", \"matchCriteriaId\": \"AF664753-05DC-4D55-B3B2-0DABB1E59297\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.17\", \"versionEndExcluding\": \"3.18.49\", \"matchCriteriaId\": \"5AA77834-089F-4556-A00B-CAC1E08444BF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.19\", \"versionEndExcluding\": \"4.1.49\", \"matchCriteriaId\": \"F3C1F309-D954-4BB7-AC02-30FC58BE76F9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.2\", \"versionEndExcluding\": \"4.4.54\", \"matchCriteriaId\": \"75D08B52-EA80-4C04-A8D5-06E8048DD535\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.5\", \"versionEndExcluding\": \"4.9.15\", \"matchCriteriaId\": \"4FC9045A-6BA5-46F6-86D8-06B6C1A213F5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.10\", \"versionEndExcluding\": \"4.10.3\", \"matchCriteriaId\": \"36931271-7D26-46A8-A348-32F5994B508C\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.\"}, {\"lang\": \"es\", \"value\": \"Condici\\u00f3n de carrera en drivers/tty/n_hdlc.c en el kernel de Linux hasta la versi\\u00f3n 4.10.1 permite a usuarios locales obtener privilegios o provocar una denegaci\\u00f3n de servicio (liberaci\\u00f3n doble) ajustando la l\\u00ednea de disciplina HDLC.\"}]",
      "id": "CVE-2017-2636",
      "lastModified": "2024-11-21T03:23:52.810",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.0, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.0, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 6.9, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.4, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2017-03-07T22:59:00.157",
      "references": "[{\"url\": \"http://www.debian.org/security/2017/dsa-3804\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2017/03/07/6\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/96732\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1037963\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:0892\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:0931\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:0932\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:0933\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:0986\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1125\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1126\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1232\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1233\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1488\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1428319\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\", \"Mitigation\", \"Third Party Advisory\"]}, {\"url\": \"http://www.debian.org/security/2017/dsa-3804\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2017/03/07/6\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/96732\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1037963\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:0892\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:0931\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:0932\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:0933\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:0986\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1125\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1126\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1232\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1233\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:1488\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1428319\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Mitigation\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "secalert@redhat.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-362\"}, {\"lang\": \"en\", \"value\": \"CWE-415\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-2636\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2017-03-07T22:59:00.157\",\"lastModified\":\"2026-05-13T00:24:29.033\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.\"},{\"lang\":\"es\",\"value\":\"Condici\u00f3n de carrera en drivers/tty/n_hdlc.c en el kernel de Linux hasta la versi\u00f3n 4.10.1 permite a usuarios locales obtener privilegios o provocar una denegaci\u00f3n de servicio (liberaci\u00f3n doble) ajustando la l\u00ednea de disciplina HDLC.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":6.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-362\"},{\"lang\":\"en\",\"value\":\"CWE-415\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.6.31\",\"versionEndExcluding\":\"3.2.87\",\"matchCriteriaId\":\"ED857DA5-6E36-4284-B8E7-6F7C9E91BA56\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.3\",\"versionEndExcluding\":\"3.10.106\",\"matchCriteriaId\":\"3116EF11-56E7-4D40-9FD0-6109280D0247\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.11\",\"versionEndExcluding\":\"3.12.72\",\"matchCriteriaId\":\"64196781-237D-42CA-BF7F-AD55DE12D30F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.13\",\"versionEndExcluding\":\"3.16.42\",\"matchCriteriaId\":\"AF664753-05DC-4D55-B3B2-0DABB1E59297\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.17\",\"versionEndExcluding\":\"3.18.49\",\"matchCriteriaId\":\"5AA77834-089F-4556-A00B-CAC1E08444BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.19\",\"versionEndExcluding\":\"4.1.49\",\"matchCriteriaId\":\"F3C1F309-D954-4BB7-AC02-30FC58BE76F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.2\",\"versionEndExcluding\":\"4.4.54\",\"matchCriteriaId\":\"75D08B52-EA80-4C04-A8D5-06E8048DD535\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.5\",\"versionEndExcluding\":\"4.9.15\",\"matchCriteriaId\":\"4FC9045A-6BA5-46F6-86D8-06B6C1A213F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.10\",\"versionEndExcluding\":\"4.10.3\",\"matchCriteriaId\":\"36931271-7D26-46A8-A348-32F5994B508C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}]}]}],\"references\":[{\"url\":\"http://www.debian.org/security/2017/dsa-3804\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2017/03/07/6\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/96732\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1037963\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:0892\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:0931\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:0932\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:0933\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:0986\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1125\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1126\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1232\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1233\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1488\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1428319\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"http://www.debian.org/security/2017/dsa-3804\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2017/03/07/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/96732\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1037963\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://a13xp0p0v.github.io/2017/03/24/CVE-2017-2636.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:0892\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:0931\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:0932\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:0933\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:0986\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1125\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1126\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1232\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1233\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:1488\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1428319\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Mitigation\",\"Third Party Advisory\"]}]}}"
  }
}

SUSE-SU-2017:2073-1

Vulnerability from csaf_suse - Published: 2017-08-07 12:01 - Updated: 2017-08-07 12:01

Summary

Security update for Linux Kernel Live Patch 11 for SLE 12 SP1

Severity

Important

Notes

Title of the patch: Security update for Linux Kernel Live Patch 11 for SLE 12 SP1

Description of the patch: This update for the Linux Kernel 3.12.67-60_64_24 fixes several issues. The following security bugs were fixed: - CVE-2017-7533: A bug in inotify code allowed local users to escalate privilege (bsc#1050751). - CVE-2017-7645: The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel allowed remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c (bsc#1046191). - CVE-2017-2636: Race condition in drivers/tty/n_hdlc.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline (bsc#1027575). - CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bsc#1042892). - CVE-2017-8890: The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call (bsc#1038564).

Patchnames: SUSE-SLE-SAP-12-SP1-2017-1275,SUSE-SLE-SERVER-12-SP1-2017-1275

CVE-2017-2636

7 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-7533

7.4 (High)


                        
                          CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-7645

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-8890

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-9242

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64	—	Vendor Fix

Threats

Impact important

References

41 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1027575	self
https://bugzilla.suse.com/1038564	self
https://bugzilla.suse.com/1042892	self
https://bugzilla.suse.com/1046191	self
https://bugzilla.suse.com/1050751	self
https://www.suse.com/security/cve/CVE-2017-2636/	self
https://www.suse.com/security/cve/CVE-2017-7533/	self
https://www.suse.com/security/cve/CVE-2017-7645/	self
https://www.suse.com/security/cve/CVE-2017-8890/	self
https://www.suse.com/security/cve/CVE-2017-9242/	self
https://www.suse.com/security/cve/CVE-2017-2636	external
https://bugzilla.suse.com/1027565	external
https://bugzilla.suse.com/1027575	external
https://bugzilla.suse.com/1028372	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-7533	external
https://bugzilla.suse.com/1049483	external
https://bugzilla.suse.com/1050677	external
https://bugzilla.suse.com/1050751	external
https://bugzilla.suse.com/1053919	external
https://www.suse.com/security/cve/CVE-2017-7645	external
https://bugzilla.suse.com/1034670	external
https://bugzilla.suse.com/1036741	external
https://bugzilla.suse.com/1046191	external
https://bugzilla.suse.com/1087082	external
https://www.suse.com/security/cve/CVE-2017-8890	external
https://bugzilla.suse.com/1038544	external
https://bugzilla.suse.com/1038564	external
https://bugzilla.suse.com/1039883	external
https://bugzilla.suse.com/1039885	external
https://bugzilla.suse.com/1040069	external
https://bugzilla.suse.com/1042364	external
https://bugzilla.suse.com/1051906	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-9242	external
https://bugzilla.suse.com/1041431	external
https://bugzilla.suse.com/1042892	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for Linux Kernel Live Patch 11 for SLE 12 SP1",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for the Linux Kernel 3.12.67-60_64_24 fixes several issues.\n\nThe following security bugs were fixed:\n\n- CVE-2017-7533: A bug in inotify code allowed local users to escalate privilege (bsc#1050751).\n- CVE-2017-7645: The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel allowed remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c (bsc#1046191).\n- CVE-2017-2636: Race condition in drivers/tty/n_hdlc.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline (bsc#1027575).\n- CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bsc#1042892).\n- CVE-2017-8890: The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call (bsc#1038564).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-SAP-12-SP1-2017-1275,SUSE-SLE-SERVER-12-SP1-2017-1275",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2073-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2017:2073-1",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172073-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2017:2073-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2017-August/003103.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1027575",
        "url": "https://bugzilla.suse.com/1027575"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1038564",
        "url": "https://bugzilla.suse.com/1038564"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1042892",
        "url": "https://bugzilla.suse.com/1042892"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1046191",
        "url": "https://bugzilla.suse.com/1046191"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1050751",
        "url": "https://bugzilla.suse.com/1050751"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-2636 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-2636/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7533 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7533/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7645 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7645/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-8890 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-8890/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-9242 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-9242/"
      }
    ],
    "title": "Security update for Linux Kernel Live Patch 11 for SLE 12 SP1",
    "tracking": {
      "current_release_date": "2017-08-07T12:01:33Z",
      "generator": {
        "date": "2017-08-07T12:01:33Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2017:2073-1",
      "initial_release_date": "2017-08-07T12:01:33Z",
      "revision_history": [
        {
          "date": "2017-08-07T12:01:33Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
                  "product_id": "kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64",
                  "product_id": "kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:12:sp1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:12:sp1"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-2636",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-2636"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-2636",
          "url": "https://www.suse.com/security/cve/CVE-2017-2636"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1027565 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1027565"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1027575 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1027575"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028372 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1028372"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-07T12:01:33Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-2636"
    },
    {
      "cve": "CVE-2017-7533",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7533"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7533",
          "url": "https://www.suse.com/security/cve/CVE-2017-7533"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1049483 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1049483"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1050677 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1050677"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1050751 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1050751"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1053919 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1053919"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-07T12:01:33Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7533"
    },
    {
      "cve": "CVE-2017-7645",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7645"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7645",
          "url": "https://www.suse.com/security/cve/CVE-2017-7645"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1034670 for CVE-2017-7645",
          "url": "https://bugzilla.suse.com/1034670"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1036741 for CVE-2017-7645",
          "url": "https://bugzilla.suse.com/1036741"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1046191 for CVE-2017-7645",
          "url": "https://bugzilla.suse.com/1046191"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1087082 for CVE-2017-7645",
          "url": "https://bugzilla.suse.com/1087082"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-07T12:01:33Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7645"
    },
    {
      "cve": "CVE-2017-8890",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-8890"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-8890",
          "url": "https://www.suse.com/security/cve/CVE-2017-8890"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038544 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1038544"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038564 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1038564"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039883 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1039883"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039885 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1039885"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1040069 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1040069"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1042364 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1042364"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1051906 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1051906"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-07T12:01:33Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-8890"
    },
    {
      "cve": "CVE-2017-9242",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-9242"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-9242",
          "url": "https://www.suse.com/security/cve/CVE-2017-9242"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1041431 for CVE-2017-9242",
          "url": "https://bugzilla.suse.com/1041431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1042892 for CVE-2017-9242",
          "url": "https://bugzilla.suse.com/1042892"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_67-60_64_24-xen-7-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-07T12:01:33Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-9242"
    }
  ]
}

SUSE-SU-2017:2088-1

Vulnerability from csaf_suse - Published: 2017-08-08 07:27 - Updated: 2017-08-08 07:27

Summary

Security update for Linux Kernel Live Patch 8 for SLE 12 SP1

Severity

Important

Notes

Title of the patch: Security update for Linux Kernel Live Patch 8 for SLE 12 SP1

Description of the patch: This update for the Linux Kernel 3.12.62-60_64_8 fixes several issues. The following security bugs were fixed: - CVE-2017-7533: A bug in inotify code allowed local users to escalate privilege (bsc#1050751). - CVE-2017-7645: The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel allowed remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c (bsc#1046191). - CVE-2017-2636: Race condition in drivers/tty/n_hdlc.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline (bsc#1027575). - CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bsc#1042892). - CVE-2017-8890: The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call (bsc#1038564).

Patchnames: SUSE-SLE-SAP-12-SP1-2017-1295,SUSE-SLE-SERVER-12-SP1-2017-1295

CVE-2017-2636

7 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-7533

7.4 (High)


                        
                          CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-7645

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-8890

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-9242

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64	—	Vendor Fix

Threats

Impact important

References

41 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1027575	self
https://bugzilla.suse.com/1038564	self
https://bugzilla.suse.com/1042892	self
https://bugzilla.suse.com/1046191	self
https://bugzilla.suse.com/1050751	self
https://www.suse.com/security/cve/CVE-2017-2636/	self
https://www.suse.com/security/cve/CVE-2017-7533/	self
https://www.suse.com/security/cve/CVE-2017-7645/	self
https://www.suse.com/security/cve/CVE-2017-8890/	self
https://www.suse.com/security/cve/CVE-2017-9242/	self
https://www.suse.com/security/cve/CVE-2017-2636	external
https://bugzilla.suse.com/1027565	external
https://bugzilla.suse.com/1027575	external
https://bugzilla.suse.com/1028372	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-7533	external
https://bugzilla.suse.com/1049483	external
https://bugzilla.suse.com/1050677	external
https://bugzilla.suse.com/1050751	external
https://bugzilla.suse.com/1053919	external
https://www.suse.com/security/cve/CVE-2017-7645	external
https://bugzilla.suse.com/1034670	external
https://bugzilla.suse.com/1036741	external
https://bugzilla.suse.com/1046191	external
https://bugzilla.suse.com/1087082	external
https://www.suse.com/security/cve/CVE-2017-8890	external
https://bugzilla.suse.com/1038544	external
https://bugzilla.suse.com/1038564	external
https://bugzilla.suse.com/1039883	external
https://bugzilla.suse.com/1039885	external
https://bugzilla.suse.com/1040069	external
https://bugzilla.suse.com/1042364	external
https://bugzilla.suse.com/1051906	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-9242	external
https://bugzilla.suse.com/1041431	external
https://bugzilla.suse.com/1042892	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for Linux Kernel Live Patch 8 for SLE 12 SP1",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for the Linux Kernel 3.12.62-60_64_8 fixes several issues.\n\nThe following security bugs were fixed:\n\n- CVE-2017-7533: A bug in inotify code allowed local users to escalate privilege (bsc#1050751).\n- CVE-2017-7645: The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel allowed remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c (bsc#1046191).\n- CVE-2017-2636: Race condition in drivers/tty/n_hdlc.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline (bsc#1027575).\n- CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bsc#1042892).\n- CVE-2017-8890: The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call (bsc#1038564).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-SAP-12-SP1-2017-1295,SUSE-SLE-SERVER-12-SP1-2017-1295",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2088-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2017:2088-1",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172088-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2017:2088-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2017-August/003107.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1027575",
        "url": "https://bugzilla.suse.com/1027575"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1038564",
        "url": "https://bugzilla.suse.com/1038564"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1042892",
        "url": "https://bugzilla.suse.com/1042892"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1046191",
        "url": "https://bugzilla.suse.com/1046191"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1050751",
        "url": "https://bugzilla.suse.com/1050751"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-2636 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-2636/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7533 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7533/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7645 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7645/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-8890 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-8890/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-9242 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-9242/"
      }
    ],
    "title": "Security update for Linux Kernel Live Patch 8 for SLE 12 SP1",
    "tracking": {
      "current_release_date": "2017-08-08T07:27:40Z",
      "generator": {
        "date": "2017-08-08T07:27:40Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2017:2088-1",
      "initial_release_date": "2017-08-08T07:27:40Z",
      "revision_history": [
        {
          "date": "2017-08-08T07:27:40Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
                  "product_id": "kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64",
                  "product_id": "kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:12:sp1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:12:sp1"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-2636",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-2636"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-2636",
          "url": "https://www.suse.com/security/cve/CVE-2017-2636"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1027565 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1027565"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1027575 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1027575"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028372 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1028372"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-08T07:27:40Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-2636"
    },
    {
      "cve": "CVE-2017-7533",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7533"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7533",
          "url": "https://www.suse.com/security/cve/CVE-2017-7533"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1049483 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1049483"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1050677 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1050677"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1050751 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1050751"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1053919 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1053919"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-08T07:27:40Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7533"
    },
    {
      "cve": "CVE-2017-7645",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7645"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7645",
          "url": "https://www.suse.com/security/cve/CVE-2017-7645"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1034670 for CVE-2017-7645",
          "url": "https://bugzilla.suse.com/1034670"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1036741 for CVE-2017-7645",
          "url": "https://bugzilla.suse.com/1036741"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1046191 for CVE-2017-7645",
          "url": "https://bugzilla.suse.com/1046191"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1087082 for CVE-2017-7645",
          "url": "https://bugzilla.suse.com/1087082"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-08T07:27:40Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7645"
    },
    {
      "cve": "CVE-2017-8890",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-8890"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-8890",
          "url": "https://www.suse.com/security/cve/CVE-2017-8890"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038544 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1038544"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038564 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1038564"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039883 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1039883"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039885 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1039885"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1040069 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1040069"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1042364 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1042364"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1051906 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1051906"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-08T07:27:40Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-8890"
    },
    {
      "cve": "CVE-2017-9242",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-9242"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-9242",
          "url": "https://www.suse.com/security/cve/CVE-2017-9242"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1041431 for CVE-2017-9242",
          "url": "https://bugzilla.suse.com/1041431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1042892 for CVE-2017-9242",
          "url": "https://bugzilla.suse.com/1042892"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-default-10-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_62-60_64_8-xen-10-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-08T07:27:40Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-9242"
    }
  ]
}

SUSE-SU-2017:2092-1

Vulnerability from csaf_suse - Published: 2017-08-08 07:27 - Updated: 2017-08-08 07:27

Summary

Security update for Linux Kernel Live Patch 13 for SLE 12 SP1

Severity

Important

Notes

Title of the patch: Security update for Linux Kernel Live Patch 13 for SLE 12 SP1

Description of the patch: This update for the Linux Kernel 3.12.69-60_64_32 fixes several issues. The following security bugs were fixed: - CVE-2017-7533: A bug in inotify code allowed local users to escalate privilege (bsc#1050751). - CVE-2017-7645: The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel allowed remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c (bsc#1046191). - CVE-2017-2636: Race condition in drivers/tty/n_hdlc.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline (bsc#1027575). - CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bsc#1042892). - CVE-2017-8890: The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call (bsc#1038564).

Patchnames: SUSE-SLE-SAP-12-SP1-2017-1293,SUSE-SLE-SERVER-12-SP1-2017-1293

CVE-2017-2636

7 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-7533

7.4 (High)


                        
                          CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-7645

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-8890

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-9242

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64	—	Vendor Fix

Threats

Impact important

References

41 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1027575	self
https://bugzilla.suse.com/1038564	self
https://bugzilla.suse.com/1042892	self
https://bugzilla.suse.com/1046191	self
https://bugzilla.suse.com/1050751	self
https://www.suse.com/security/cve/CVE-2017-2636/	self
https://www.suse.com/security/cve/CVE-2017-7533/	self
https://www.suse.com/security/cve/CVE-2017-7645/	self
https://www.suse.com/security/cve/CVE-2017-8890/	self
https://www.suse.com/security/cve/CVE-2017-9242/	self
https://www.suse.com/security/cve/CVE-2017-2636	external
https://bugzilla.suse.com/1027565	external
https://bugzilla.suse.com/1027575	external
https://bugzilla.suse.com/1028372	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-7533	external
https://bugzilla.suse.com/1049483	external
https://bugzilla.suse.com/1050677	external
https://bugzilla.suse.com/1050751	external
https://bugzilla.suse.com/1053919	external
https://www.suse.com/security/cve/CVE-2017-7645	external
https://bugzilla.suse.com/1034670	external
https://bugzilla.suse.com/1036741	external
https://bugzilla.suse.com/1046191	external
https://bugzilla.suse.com/1087082	external
https://www.suse.com/security/cve/CVE-2017-8890	external
https://bugzilla.suse.com/1038544	external
https://bugzilla.suse.com/1038564	external
https://bugzilla.suse.com/1039883	external
https://bugzilla.suse.com/1039885	external
https://bugzilla.suse.com/1040069	external
https://bugzilla.suse.com/1042364	external
https://bugzilla.suse.com/1051906	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-9242	external
https://bugzilla.suse.com/1041431	external
https://bugzilla.suse.com/1042892	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for Linux Kernel Live Patch 13 for SLE 12 SP1",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for the Linux Kernel 3.12.69-60_64_32 fixes several issues.\n\nThe following security bugs were fixed:\n\n- CVE-2017-7533: A bug in inotify code allowed local users to escalate privilege (bsc#1050751).\n- CVE-2017-7645: The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel allowed remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c (bsc#1046191).\n- CVE-2017-2636: Race condition in drivers/tty/n_hdlc.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline (bsc#1027575).\n- CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bsc#1042892).\n- CVE-2017-8890: The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call (bsc#1038564).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-SAP-12-SP1-2017-1293,SUSE-SLE-SERVER-12-SP1-2017-1293",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2092-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2017:2092-1",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172092-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2017:2092-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2017-August/003111.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1027575",
        "url": "https://bugzilla.suse.com/1027575"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1038564",
        "url": "https://bugzilla.suse.com/1038564"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1042892",
        "url": "https://bugzilla.suse.com/1042892"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1046191",
        "url": "https://bugzilla.suse.com/1046191"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1050751",
        "url": "https://bugzilla.suse.com/1050751"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-2636 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-2636/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7533 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7533/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7645 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7645/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-8890 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-8890/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-9242 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-9242/"
      }
    ],
    "title": "Security update for Linux Kernel Live Patch 13 for SLE 12 SP1",
    "tracking": {
      "current_release_date": "2017-08-08T07:27:24Z",
      "generator": {
        "date": "2017-08-08T07:27:24Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2017:2092-1",
      "initial_release_date": "2017-08-08T07:27:24Z",
      "revision_history": [
        {
          "date": "2017-08-08T07:27:24Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
                  "product_id": "kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64",
                  "product_id": "kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:12:sp1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:12:sp1"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-2636",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-2636"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-2636",
          "url": "https://www.suse.com/security/cve/CVE-2017-2636"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1027565 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1027565"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1027575 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1027575"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028372 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1028372"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-08T07:27:24Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-2636"
    },
    {
      "cve": "CVE-2017-7533",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7533"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7533",
          "url": "https://www.suse.com/security/cve/CVE-2017-7533"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1049483 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1049483"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1050677 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1050677"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1050751 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1050751"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1053919 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1053919"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-08T07:27:24Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7533"
    },
    {
      "cve": "CVE-2017-7645",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7645"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7645",
          "url": "https://www.suse.com/security/cve/CVE-2017-7645"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1034670 for CVE-2017-7645",
          "url": "https://bugzilla.suse.com/1034670"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1036741 for CVE-2017-7645",
          "url": "https://bugzilla.suse.com/1036741"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1046191 for CVE-2017-7645",
          "url": "https://bugzilla.suse.com/1046191"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1087082 for CVE-2017-7645",
          "url": "https://bugzilla.suse.com/1087082"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-08T07:27:24Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7645"
    },
    {
      "cve": "CVE-2017-8890",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-8890"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-8890",
          "url": "https://www.suse.com/security/cve/CVE-2017-8890"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038544 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1038544"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038564 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1038564"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039883 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1039883"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039885 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1039885"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1040069 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1040069"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1042364 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1042364"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1051906 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1051906"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-08T07:27:24Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-8890"
    },
    {
      "cve": "CVE-2017-9242",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-9242"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-9242",
          "url": "https://www.suse.com/security/cve/CVE-2017-9242"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1041431 for CVE-2017-9242",
          "url": "https://bugzilla.suse.com/1041431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1042892 for CVE-2017-9242",
          "url": "https://bugzilla.suse.com/1042892"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-default-5-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_69-60_64_32-xen-5-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-08T07:27:24Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-9242"
    }
  ]
}

SUSE-SU-2017:2093-1

Vulnerability from csaf_suse - Published: 2017-08-08 09:29 - Updated: 2017-08-08 09:29

Summary

Security update for Linux Kernel Live Patch 17 for SLE 12

Severity

Important

Notes

Title of the patch: Security update for Linux Kernel Live Patch 17 for SLE 12

Description of the patch: This update for the Linux Kernel 3.12.60-52_60 fixes several issues. The following security bugs were fixed: - CVE-2017-7533: A bug in inotify code allowed local users to escalate privilege (bsc#1050751). - CVE-2017-7645: The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel allowed remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c (bsc#1046191). - CVE-2017-2636: Race condition in drivers/tty/n_hdlc.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline (bsc#1027575). - CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bsc#1042892).

Patchnames: SUSE-SLE-SAP-12-2017-1296,SUSE-SLE-SERVER-12-2017-1296

CVE-2017-2636

7 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-7533

7.4 (High)


                        
                          CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-7645

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-9242

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64	—	Vendor Fix

Threats

Impact important

References

30 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1027575	self
https://bugzilla.suse.com/1042892	self
https://bugzilla.suse.com/1046191	self
https://bugzilla.suse.com/1050751	self
https://www.suse.com/security/cve/CVE-2017-2636/	self
https://www.suse.com/security/cve/CVE-2017-7533/	self
https://www.suse.com/security/cve/CVE-2017-7645/	self
https://www.suse.com/security/cve/CVE-2017-9242/	self
https://www.suse.com/security/cve/CVE-2017-2636	external
https://bugzilla.suse.com/1027565	external
https://bugzilla.suse.com/1027575	external
https://bugzilla.suse.com/1028372	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-7533	external
https://bugzilla.suse.com/1049483	external
https://bugzilla.suse.com/1050677	external
https://bugzilla.suse.com/1050751	external
https://bugzilla.suse.com/1053919	external
https://www.suse.com/security/cve/CVE-2017-7645	external
https://bugzilla.suse.com/1034670	external
https://bugzilla.suse.com/1036741	external
https://bugzilla.suse.com/1046191	external
https://bugzilla.suse.com/1087082	external
https://www.suse.com/security/cve/CVE-2017-9242	external
https://bugzilla.suse.com/1041431	external
https://bugzilla.suse.com/1042892	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for Linux Kernel Live Patch 17 for SLE 12",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for the Linux Kernel 3.12.60-52_60 fixes several issues.\n\nThe following security bugs were fixed:\n\n- CVE-2017-7533: A bug in inotify code allowed local users to escalate privilege (bsc#1050751).\n- CVE-2017-7645: The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel allowed remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c (bsc#1046191).\n- CVE-2017-2636: Race condition in drivers/tty/n_hdlc.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline (bsc#1027575).\n- CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bsc#1042892).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-SAP-12-2017-1296,SUSE-SLE-SERVER-12-2017-1296",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2093-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2017:2093-1",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172093-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2017:2093-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2017-August/003112.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1027575",
        "url": "https://bugzilla.suse.com/1027575"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1042892",
        "url": "https://bugzilla.suse.com/1042892"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1046191",
        "url": "https://bugzilla.suse.com/1046191"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1050751",
        "url": "https://bugzilla.suse.com/1050751"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-2636 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-2636/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7533 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7533/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7645 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7645/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-9242 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-9242/"
      }
    ],
    "title": "Security update for Linux Kernel Live Patch 17 for SLE 12",
    "tracking": {
      "current_release_date": "2017-08-08T09:29:06Z",
      "generator": {
        "date": "2017-08-08T09:29:06Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2017:2093-1",
      "initial_release_date": "2017-08-08T09:29:06Z",
      "revision_history": [
        {
          "date": "2017-08-08T09:29:06Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64",
                  "product_id": "kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64",
                  "product_id": "kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 12",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 12",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 12",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:12"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 12-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:12"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-2636",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-2636"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-2636",
          "url": "https://www.suse.com/security/cve/CVE-2017-2636"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1027565 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1027565"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1027575 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1027575"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028372 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1028372"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-08T09:29:06Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-2636"
    },
    {
      "cve": "CVE-2017-7533",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7533"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7533",
          "url": "https://www.suse.com/security/cve/CVE-2017-7533"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1049483 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1049483"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1050677 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1050677"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1050751 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1050751"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1053919 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1053919"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-08T09:29:06Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7533"
    },
    {
      "cve": "CVE-2017-7645",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7645"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7645",
          "url": "https://www.suse.com/security/cve/CVE-2017-7645"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1034670 for CVE-2017-7645",
          "url": "https://bugzilla.suse.com/1034670"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1036741 for CVE-2017-7645",
          "url": "https://bugzilla.suse.com/1036741"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1046191 for CVE-2017-7645",
          "url": "https://bugzilla.suse.com/1046191"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1087082 for CVE-2017-7645",
          "url": "https://bugzilla.suse.com/1087082"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-08T09:29:06Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7645"
    },
    {
      "cve": "CVE-2017-9242",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-9242"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-9242",
          "url": "https://www.suse.com/security/cve/CVE-2017-9242"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1041431 for CVE-2017-9242",
          "url": "https://bugzilla.suse.com/1041431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1042892 for CVE-2017-9242",
          "url": "https://bugzilla.suse.com/1042892"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_60-xen-7-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-08T09:29:06Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-9242"
    }
  ]
}

SUSE-SU-2017:2095-1

Vulnerability from csaf_suse - Published: 2017-08-08 09:29 - Updated: 2017-08-08 09:29

Summary

Security update for Linux Kernel Live Patch 18 for SLE 12

Severity

Important

Notes

Title of the patch: Security update for Linux Kernel Live Patch 18 for SLE 12

Description of the patch: This update for the Linux Kernel 3.12.60-52_63 fixes several issues. The following security bugs were fixed: - CVE-2017-7533: A bug in inotify code allowed local users to escalate privilege (bsc#1050751). - CVE-2017-7645: The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel allowed remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c (bsc#1046191). - CVE-2017-2636: Race condition in drivers/tty/n_hdlc.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline (bsc#1027575). - CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bsc#1042892).

Patchnames: SUSE-SLE-SAP-12-2017-1297,SUSE-SLE-SERVER-12-2017-1297

CVE-2017-2636

7 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-7533

7.4 (High)


                        
                          CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-7645

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-9242

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64	—	Vendor Fix

Threats

Impact important

References

30 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1027575	self
https://bugzilla.suse.com/1042892	self
https://bugzilla.suse.com/1046191	self
https://bugzilla.suse.com/1050751	self
https://www.suse.com/security/cve/CVE-2017-2636/	self
https://www.suse.com/security/cve/CVE-2017-7533/	self
https://www.suse.com/security/cve/CVE-2017-7645/	self
https://www.suse.com/security/cve/CVE-2017-9242/	self
https://www.suse.com/security/cve/CVE-2017-2636	external
https://bugzilla.suse.com/1027565	external
https://bugzilla.suse.com/1027575	external
https://bugzilla.suse.com/1028372	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-7533	external
https://bugzilla.suse.com/1049483	external
https://bugzilla.suse.com/1050677	external
https://bugzilla.suse.com/1050751	external
https://bugzilla.suse.com/1053919	external
https://www.suse.com/security/cve/CVE-2017-7645	external
https://bugzilla.suse.com/1034670	external
https://bugzilla.suse.com/1036741	external
https://bugzilla.suse.com/1046191	external
https://bugzilla.suse.com/1087082	external
https://www.suse.com/security/cve/CVE-2017-9242	external
https://bugzilla.suse.com/1041431	external
https://bugzilla.suse.com/1042892	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for Linux Kernel Live Patch 18 for SLE 12",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for the Linux Kernel 3.12.60-52_63 fixes several issues.\n\nThe following security bugs were fixed:\n\n- CVE-2017-7533: A bug in inotify code allowed local users to escalate privilege (bsc#1050751).\n- CVE-2017-7645: The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel allowed remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c (bsc#1046191).\n- CVE-2017-2636: Race condition in drivers/tty/n_hdlc.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline (bsc#1027575).\n- CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bsc#1042892).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-SAP-12-2017-1297,SUSE-SLE-SERVER-12-2017-1297",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2095-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2017:2095-1",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172095-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2017:2095-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2017-August/003114.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1027575",
        "url": "https://bugzilla.suse.com/1027575"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1042892",
        "url": "https://bugzilla.suse.com/1042892"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1046191",
        "url": "https://bugzilla.suse.com/1046191"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1050751",
        "url": "https://bugzilla.suse.com/1050751"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-2636 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-2636/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7533 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7533/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7645 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7645/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-9242 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-9242/"
      }
    ],
    "title": "Security update for Linux Kernel Live Patch 18 for SLE 12",
    "tracking": {
      "current_release_date": "2017-08-08T09:29:14Z",
      "generator": {
        "date": "2017-08-08T09:29:14Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2017:2095-1",
      "initial_release_date": "2017-08-08T09:29:14Z",
      "revision_history": [
        {
          "date": "2017-08-08T09:29:14Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64",
                  "product_id": "kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64",
                  "product_id": "kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 12",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 12",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 12",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:12"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 12-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:12"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-2636",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-2636"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-2636",
          "url": "https://www.suse.com/security/cve/CVE-2017-2636"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1027565 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1027565"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1027575 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1027575"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028372 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1028372"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-08T09:29:14Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-2636"
    },
    {
      "cve": "CVE-2017-7533",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7533"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7533",
          "url": "https://www.suse.com/security/cve/CVE-2017-7533"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1049483 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1049483"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1050677 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1050677"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1050751 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1050751"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1053919 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1053919"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-08T09:29:14Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7533"
    },
    {
      "cve": "CVE-2017-7645",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7645"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7645",
          "url": "https://www.suse.com/security/cve/CVE-2017-7645"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1034670 for CVE-2017-7645",
          "url": "https://bugzilla.suse.com/1034670"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1036741 for CVE-2017-7645",
          "url": "https://bugzilla.suse.com/1036741"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1046191 for CVE-2017-7645",
          "url": "https://bugzilla.suse.com/1046191"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1087082 for CVE-2017-7645",
          "url": "https://bugzilla.suse.com/1087082"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-08T09:29:14Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7645"
    },
    {
      "cve": "CVE-2017-9242",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-9242"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-9242",
          "url": "https://www.suse.com/security/cve/CVE-2017-9242"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1041431 for CVE-2017-9242",
          "url": "https://bugzilla.suse.com/1041431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1042892 for CVE-2017-9242",
          "url": "https://bugzilla.suse.com/1042892"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-default-7-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_63-xen-7-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-08T09:29:14Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-9242"
    }
  ]
}

SUSE-SU-2017:2096-1

Vulnerability from csaf_suse - Published: 2017-08-08 09:29 - Updated: 2017-08-08 09:29

Summary

Security update for Linux Kernel Live Patch 19 for SLE 12

Severity

Important

Notes

Title of the patch: Security update for Linux Kernel Live Patch 19 for SLE 12

Description of the patch: This update for the Linux Kernel 3.12.61-52_66 fixes several issues. The following security bugs were fixed: - CVE-2017-7533: A bug in inotify code allowed local users to escalate privilege (bsc#1050751). - CVE-2017-7645: The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel allowed remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c (bsc#1046191). - CVE-2017-2636: Race condition in drivers/tty/n_hdlc.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline (bsc#1027575). - A SUSE Linux Enterprise specific regression in tearing down network namespaces was fixed (bsc#1044878) - CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bsc#1042892).

Patchnames: SUSE-SLE-SAP-12-2017-1298,SUSE-SLE-SERVER-12-2017-1298

CVE-2017-2636

7 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-7533

7.4 (High)


                        
                          CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-7645

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-9242

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64	—	Vendor Fix

Threats

Impact important

References

31 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1027575	self
https://bugzilla.suse.com/1042892	self
https://bugzilla.suse.com/1044878	self
https://bugzilla.suse.com/1046191	self
https://bugzilla.suse.com/1050751	self
https://www.suse.com/security/cve/CVE-2017-2636/	self
https://www.suse.com/security/cve/CVE-2017-7533/	self
https://www.suse.com/security/cve/CVE-2017-7645/	self
https://www.suse.com/security/cve/CVE-2017-9242/	self
https://www.suse.com/security/cve/CVE-2017-2636	external
https://bugzilla.suse.com/1027565	external
https://bugzilla.suse.com/1027575	external
https://bugzilla.suse.com/1028372	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-7533	external
https://bugzilla.suse.com/1049483	external
https://bugzilla.suse.com/1050677	external
https://bugzilla.suse.com/1050751	external
https://bugzilla.suse.com/1053919	external
https://www.suse.com/security/cve/CVE-2017-7645	external
https://bugzilla.suse.com/1034670	external
https://bugzilla.suse.com/1036741	external
https://bugzilla.suse.com/1046191	external
https://bugzilla.suse.com/1087082	external
https://www.suse.com/security/cve/CVE-2017-9242	external
https://bugzilla.suse.com/1041431	external
https://bugzilla.suse.com/1042892	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for Linux Kernel Live Patch 19 for SLE 12",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for the Linux Kernel 3.12.61-52_66 fixes several issues.\n\nThe following security bugs were fixed:\n\n- CVE-2017-7533: A bug in inotify code allowed local users to escalate privilege (bsc#1050751).\n- CVE-2017-7645: The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel allowed remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c (bsc#1046191).\n- CVE-2017-2636: Race condition in drivers/tty/n_hdlc.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline (bsc#1027575).\n- A SUSE Linux Enterprise specific regression in tearing down network namespaces was fixed (bsc#1044878)\n- CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bsc#1042892).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-SAP-12-2017-1298,SUSE-SLE-SERVER-12-2017-1298",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2096-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2017:2096-1",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172096-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2017:2096-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2017-August/003115.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1027575",
        "url": "https://bugzilla.suse.com/1027575"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1042892",
        "url": "https://bugzilla.suse.com/1042892"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1044878",
        "url": "https://bugzilla.suse.com/1044878"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1046191",
        "url": "https://bugzilla.suse.com/1046191"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1050751",
        "url": "https://bugzilla.suse.com/1050751"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-2636 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-2636/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7533 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7533/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7645 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7645/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-9242 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-9242/"
      }
    ],
    "title": "Security update for Linux Kernel Live Patch 19 for SLE 12",
    "tracking": {
      "current_release_date": "2017-08-08T09:29:22Z",
      "generator": {
        "date": "2017-08-08T09:29:22Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2017:2096-1",
      "initial_release_date": "2017-08-08T09:29:22Z",
      "revision_history": [
        {
          "date": "2017-08-08T09:29:22Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64",
                  "product_id": "kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64",
                  "product_id": "kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 12",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 12",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 12",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:12"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 12-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:12"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-2636",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-2636"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-2636",
          "url": "https://www.suse.com/security/cve/CVE-2017-2636"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1027565 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1027565"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1027575 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1027575"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028372 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1028372"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-08T09:29:22Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-2636"
    },
    {
      "cve": "CVE-2017-7533",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7533"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7533",
          "url": "https://www.suse.com/security/cve/CVE-2017-7533"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1049483 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1049483"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1050677 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1050677"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1050751 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1050751"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1053919 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1053919"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-08T09:29:22Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7533"
    },
    {
      "cve": "CVE-2017-7645",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7645"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7645",
          "url": "https://www.suse.com/security/cve/CVE-2017-7645"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1034670 for CVE-2017-7645",
          "url": "https://bugzilla.suse.com/1034670"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1036741 for CVE-2017-7645",
          "url": "https://bugzilla.suse.com/1036741"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1046191 for CVE-2017-7645",
          "url": "https://bugzilla.suse.com/1046191"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1087082 for CVE-2017-7645",
          "url": "https://bugzilla.suse.com/1087082"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-08T09:29:22Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7645"
    },
    {
      "cve": "CVE-2017-9242",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-9242"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-9242",
          "url": "https://www.suse.com/security/cve/CVE-2017-9242"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1041431 for CVE-2017-9242",
          "url": "https://bugzilla.suse.com/1041431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1042892 for CVE-2017-9242",
          "url": "https://bugzilla.suse.com/1042892"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-default-6-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_61-52_66-xen-6-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-08T09:29:22Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-9242"
    }
  ]
}

SUSE-SU-2017:2099-1

Vulnerability from csaf_suse - Published: 2017-08-08 11:32 - Updated: 2017-08-08 11:32

Summary

Security update for Linux Kernel Live Patch 16 for SLE 12

Severity

Important

Notes

Title of the patch: Security update for Linux Kernel Live Patch 16 for SLE 12

Description of the patch: This update for the Linux Kernel 3.12.60-52_57 fixes several issues. The following security bugs were fixed: - CVE-2017-7533: A bug in inotify code allowed local users to escalate privilege (bsc#1050751). - CVE-2017-7645: The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel allowed remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c (bsc#1046191). - CVE-2017-2636: Race condition in drivers/tty/n_hdlc.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline (bsc#1027575). - CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bsc#1042892).

Patchnames: SUSE-SLE-SAP-12-2017-1304,SUSE-SLE-SERVER-12-2017-1304

CVE-2017-2636

7 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-7533

7.4 (High)


                        
                          CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-7645

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-9242

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 4 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64	—	Vendor Fix

Threats

Impact important

References

30 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1027575	self
https://bugzilla.suse.com/1042892	self
https://bugzilla.suse.com/1046191	self
https://bugzilla.suse.com/1050751	self
https://www.suse.com/security/cve/CVE-2017-2636/	self
https://www.suse.com/security/cve/CVE-2017-7533/	self
https://www.suse.com/security/cve/CVE-2017-7645/	self
https://www.suse.com/security/cve/CVE-2017-9242/	self
https://www.suse.com/security/cve/CVE-2017-2636	external
https://bugzilla.suse.com/1027565	external
https://bugzilla.suse.com/1027575	external
https://bugzilla.suse.com/1028372	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-7533	external
https://bugzilla.suse.com/1049483	external
https://bugzilla.suse.com/1050677	external
https://bugzilla.suse.com/1050751	external
https://bugzilla.suse.com/1053919	external
https://www.suse.com/security/cve/CVE-2017-7645	external
https://bugzilla.suse.com/1034670	external
https://bugzilla.suse.com/1036741	external
https://bugzilla.suse.com/1046191	external
https://bugzilla.suse.com/1087082	external
https://www.suse.com/security/cve/CVE-2017-9242	external
https://bugzilla.suse.com/1041431	external
https://bugzilla.suse.com/1042892	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for Linux Kernel Live Patch 16 for SLE 12",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for the Linux Kernel 3.12.60-52_57 fixes several issues.\n\nThe following security bugs were fixed:\n\n- CVE-2017-7533: A bug in inotify code allowed local users to escalate privilege (bsc#1050751).\n- CVE-2017-7645: The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel allowed remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c (bsc#1046191).\n- CVE-2017-2636: Race condition in drivers/tty/n_hdlc.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline (bsc#1027575).\n- CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bsc#1042892).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-SAP-12-2017-1304,SUSE-SLE-SERVER-12-2017-1304",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2099-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2017:2099-1",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172099-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2017:2099-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2017-August/003117.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1027575",
        "url": "https://bugzilla.suse.com/1027575"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1042892",
        "url": "https://bugzilla.suse.com/1042892"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1046191",
        "url": "https://bugzilla.suse.com/1046191"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1050751",
        "url": "https://bugzilla.suse.com/1050751"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-2636 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-2636/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7533 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7533/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7645 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7645/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-9242 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-9242/"
      }
    ],
    "title": "Security update for Linux Kernel Live Patch 16 for SLE 12",
    "tracking": {
      "current_release_date": "2017-08-08T11:32:05Z",
      "generator": {
        "date": "2017-08-08T11:32:05Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2017:2099-1",
      "initial_release_date": "2017-08-08T11:32:05Z",
      "revision_history": [
        {
          "date": "2017-08-08T11:32:05Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64",
                  "product_id": "kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64",
                  "product_id": "kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 12",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 12",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 12",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:12"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 12-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:12"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-2636",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-2636"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-2636",
          "url": "https://www.suse.com/security/cve/CVE-2017-2636"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1027565 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1027565"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1027575 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1027575"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028372 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1028372"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-08T11:32:05Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-2636"
    },
    {
      "cve": "CVE-2017-7533",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7533"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7533",
          "url": "https://www.suse.com/security/cve/CVE-2017-7533"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1049483 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1049483"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1050677 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1050677"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1050751 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1050751"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1053919 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1053919"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-08T11:32:05Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7533"
    },
    {
      "cve": "CVE-2017-7645",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7645"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7645",
          "url": "https://www.suse.com/security/cve/CVE-2017-7645"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1034670 for CVE-2017-7645",
          "url": "https://bugzilla.suse.com/1034670"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1036741 for CVE-2017-7645",
          "url": "https://bugzilla.suse.com/1036741"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1046191 for CVE-2017-7645",
          "url": "https://bugzilla.suse.com/1046191"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1087082 for CVE-2017-7645",
          "url": "https://bugzilla.suse.com/1087082"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-08T11:32:05Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7645"
    },
    {
      "cve": "CVE-2017-9242",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-9242"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-9242",
          "url": "https://www.suse.com/security/cve/CVE-2017-9242"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1041431 for CVE-2017-9242",
          "url": "https://bugzilla.suse.com/1041431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1042892 for CVE-2017-9242",
          "url": "https://bugzilla.suse.com/1042892"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-default-8-2.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:kgraft-patch-3_12_60-52_57-xen-8-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-08-08T11:32:05Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-9242"
    }
  ]
}

SUSE-SU-2017:2342-1

Vulnerability from csaf_suse - Published: 2017-09-04 13:37 - Updated: 2017-09-04 13:37

Summary

Security update for the Linux Kernel

Severity

Important

Notes

Title of the patch: Security update for the Linux Kernel

Description of the patch: The SUSE Linux Enterprise 11 SP4 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2014-9922: The eCryptfs subsystem in the Linux kernel allowed local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c (bsc#1032340). - CVE-2015-3288: mm/memory.c in the Linux kernel mishandled anonymous pages, which allowed local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero (bnc#979021). - CVE-2015-8970: crypto/algif_skcipher.c in the Linux kernel did not verify that a setkey operation has been performed on an AF_ALG socket before an accept system call is processed, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted application that did not supply a key, related to the lrw_crypt function in crypto/lrw.c (bnc#1008374 bsc#1008850). - CVE-2016-10200: Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c (bnc#1028415). - CVE-2016-2188: The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970956). - CVE-2016-4997: The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement (bnc#986362). - CVE-2016-4998: The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary (bnc#986365). - CVE-2016-5243: The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel did not properly copy a certain string, which allowed local users to obtain sensitive information from kernel stack memory by reading a Netlink message (bnc#983212). - CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bnc#1003077). - CVE-2017-1000363: A buffer overflow in kernel commandline handling of the 'lp' parameter could be used to bypass certain secure boot settings. (bnc#1039456). - CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be 'jumped' over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010) (bnc#1039348). - CVE-2017-1000365: The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but did not take the argument and environment pointers into account, which allowed attackers to bypass this limitation (bnc#1039354). - CVE-2017-1000380: sound/core/timer.c in the Linux kernel is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time (bnc#1044125). - CVE-2017-11176: The mq_notify function in the Linux kernel did not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allowed attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact (bnc#1048275). - CVE-2017-11473: Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel allowed local users to gain privileges via a crafted ACPI table (bsc#1049603). - CVE-2017-2636: Race condition in drivers/tty/n_hdlc.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline (bnc#1027565 bsc#1028372). - CVE-2017-2647: The KEYS subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c (bnc#1030593). - CVE-2017-2671: The ping_unhash function in net/ipv4/ping.c in the Linux kernel is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allowed local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call (bnc#1031003). - CVE-2017-5669: The do_shmat function in ipc/shm.c in the Linux kernel did not restrict the address calculated by a certain rounding operation, which allowed local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context (bnc#1026914). - CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bnc#1024938). - CVE-2017-5986: Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel allowed local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state (bnc#1025235). - CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandled DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allowed local users to obtain root privileges or cause a denial of service (double free) via an application that made an IPV6_RECVPKTINFO setsockopt system call (bnc#1026024 bsc#1033287). - CVE-2017-6214: The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel allowed remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag (bnc#1026722). - CVE-2017-6348: The hashbin_delete function in net/irda/irqueue.c in the Linux kernel improperly manages lock dropping, which allowed local users to cause a denial of service (deadlock) via crafted operations on IrDA devices (bnc#1027178). - CVE-2017-6353: net/sctp/socket.c in the Linux kernel did not properly restrict association peel-off operations during certain wait states, which allowed local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986 (bnc#1027066). - CVE-2017-6951: The keyring_search_aux function in security/keys/keyring.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the 'dead' type (bnc#1029850). - CVE-2017-7184: The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel did not validate certain size data after an XFRM_MSG_NEWAE update, which allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52 (bnc#1030573). - CVE-2017-7187: The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function (bnc#1030213). - CVE-2017-7261: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not check for a zero value of certain levels data, which allowed local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031052). - CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031440). - CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls (bnc#1031579). - CVE-2017-7482: Fixed a potential overflow in the net/rxprc where a padded len isn't checked in ticket decode (bsc#1046107). - CVE-2017-7487: The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel mishandled reference counts, which allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface (bnc#1038879). - CVE-2017-7533: Race condition in the fsnotify implementation in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions (bsc#1049483). - CVE-2017-7542: The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel allowed local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket (bsc#1049882). - CVE-2017-7616: Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel allowed local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation (bnc#1033336). - CVE-2017-8890: The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call (bnc#1038544). - CVE-2017-8924: The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel allowed local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow (bnc#1037182 bsc#1038982). - CVE-2017-8925: The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel allowed local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling (bnc#1037183 bsc#1038981). - CVE-2017-9074: The IPv6 fragmentation implementation in the Linux kernel did not consider that the nexthdr field may be associated with an invalid option, which allowed local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls (bnc#1039882). - CVE-2017-9075: The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039883). - CVE-2017-9076: The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039885). - CVE-2017-9077: The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1040069). - CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bnc#1041431). The following non-security bugs were fixed: - 8250: use callbacks to access UART_DLL/UART_DLM. - acpi: Disable APEI error injection if securelevel is set (bsc#972891, bsc#1023051). - af_key: Add lock to key dump (bsc#1047653). - af_key: Fix slab-out-of-bounds in pfkey_compile_policy (bsc#1047354). - alsa: ctxfi: Fallback DMA mask to 32bit (bsc#1045538). - alsa: hda - Fix regression of HD-audio controller fallback modes (bsc#1045538). - alsa: hda/realtek - Correction of fixup codes for PB V7900 laptop (bsc#1045538). - alsa: hda/realtek - Fix COEF widget NID for ALC260 replacer fixup (bsc#1045538). - alsa: hda - using uninitialized data (bsc#1045538). - alsa: off by one bug in snd_riptide_joystick_probe() (bsc#1045538). - alsa: seq: Fix snd_seq_call_port_info_ioctl in compat mode (bsc#1045538). - ath9k: fix buffer overrun for ar9287 (bsc#1045538). - __bitmap_parselist: fix bug in empty string handling (bnc#1042633). - blacklist.conf: Add a few inapplicable items (bsc#1045538). - blacklist.conf: blacklisted 1fe89e1b6d27 (bnc#1046122) - block: do not allow updates through sysfs until registration completes (bsc#1047027). - block: fix ext_dev_lock lockdep report (bsc#1050154). - btrfs: Don't clear SGID when inheriting ACLs (bsc#1030552). - cifs: backport prepath matching fix (bsc#799133). - cifs: don't compare uniqueids in cifs_prime_dcache unless server inode numbers are in use (bsc#1041975). - cifs: small underflow in cnvrtDosUnixTm() (bsc#1043935). - cifs: Timeout on SMBNegotiate request (bsc#1044913). - clocksource: Remove 'weak' from clocksource_default_clock() declaration (bnc#1013018). - cputime: Avoid multiplication overflow on utime scaling (bnc#938352). - crypto: nx - off by one bug in nx_of_update_msc() (fate#314588,bnc#792863). - decompress_bunzip2: off by one in get_next_block() (git-fixes). - devres: fix a for loop bounds check (git-fixes). - dlm: backport 'fix lvb invalidation conditions' (bsc#1005651). - dm: fix ioctl retry termination with signal (bsc#1050154). - drm/mgag200: Add support for G200eH3 (bnc#1044216, fate#323551) - drm/mgag200: Add support for G200e rev 4 (bnc#995542, comment #81) - edac, amd64_edac: Shift wrapping issue in f1x_get_norm_dct_addr() (fate#313937). - enic: set skb->hash type properly (bsc#911105 FATE#317501). - ext2: Don't clear SGID when inheriting ACLs (bsc#1030552). - ext3: Don't clear SGID when inheriting ACLs (bsc#1030552). - ext4: Don't clear SGID when inheriting ACLs (bsc#1030552). - ext4: fix fdatasync(2) after extent manipulation operations (bsc#1013018). - ext4: fix mballoc breakage with 64k block size (bsc#1013018). - ext4: fix stack memory corruption with 64k block size (bsc#1013018). - ext4: keep existing extra fields when inode expands (bsc#1013018). - ext4: reject inodes with negative size (bsc#1013018). - fbdev/efifb: Fix 16 color palette entry calculation (bsc#1041762). - firmware: fix directory creation rule matching with make 3.80 (bsc#1012422). - firmware: fix directory creation rule matching with make 3.82 (bsc#1012422). - fixed invalid assignment of 64bit mask to host dma_boundary for scatter gather segment boundary limit (bsc#1042045). - Fix soft lockup in svc_rdma_send (bsc#1044854). - fnic: Return 'DID_IMM_RETRY' if rport is not ready (bsc#1035920). - fnic: Using rport->dd_data to check rport online instead of rport_lookup (bsc#1035920). - fs/block_dev: always invalidate cleancache in invalidate_bdev() (git-fixes). - fs: fix data invalidation in the cleancache during direct IO (git-fixes). - fs/xattr.c: zero out memory copied to userspace in getxattr (bsc#1013018). - fuse: add missing FR_FORCE (bsc#1013018). - fuse: initialize fc->release before calling it (bsc#1013018). - genirq: Prevent proc race against freeing of irq descriptors (bnc#1044230). - hrtimer: Allow concurrent hrtimer_start() for self restarting timers (bnc#1013018). - i40e: avoid null pointer dereference (bsc#909486 FATE#317393). - i40e: Fix TSO with more than 8 frags per segment issue (bsc#985561). - i40e/i40evf: Break up xmit_descriptor_count from maybe_stop_tx (bsc#985561). - i40e/i40evf: Fix mixed size frags and linearization (bsc#985561). - i40e/i40evf: Limit TSO to 7 descriptors for payload instead of 8 per packet (bsc#985561). - i40e/i40evf: Rewrite logic for 8 descriptor per packet check (bsc#985561). - i40e: Impose a lower limit on gso size (bsc#985561). - i40e: Limit TX descriptor count in cases where frag size is greater than 16K (bsc#985561). - ib/mlx4: Demote mcg message from warning to debug (bsc#919382). - ib/mlx4: Fix ib device initialization error flow (bsc#919382). - ib/mlx4: Fix port query for 56Gb Ethernet links (bsc#919382). - ib/mlx4: Handle well-known-gid in mad_demux processing (bsc#919382). - ib/mlx4: Reduce SRIOV multicast cleanup warning message to debug level (bsc#919382). - ib/mlx4: Set traffic class in AH (bsc#919382). - Implement an ioctl to support the USMTMC-USB488 READ_STATUS_BYTE operation (bsc#1036288). - initial cr0 bits (bnc#1036056, LTC#153612). - input: cm109 - validate number of endpoints before using them (bsc#1037193). - input: hanwang - validate number of endpoints before using them (bsc#1037232). - input: yealink - validate number of endpoints before using them (bsc#1037227). - ipmr, ip6mr: fix scheduling while atomic and a deadlock with ipmr_get_route (git-fixes). - irq: Fix race condition (bsc#1042615). - isdn/gigaset: fix NULL-deref at probe (bsc#1037356). - isofs: Do not return EACCES for unknown filesystems (bsc#1013018). - jbd: do not wait (forever) for stale tid caused by wraparound (bsc#1020229). - jbd: Fix oops in journal_remove_journal_head() (bsc#1017143). - jsm: add support for additional Neo cards (bsc#1045615). - kabi fix (bsc#1008893). - kABI: mask struct xfs_icdinode change (bsc#1024788). - kabi: Protect xfs_mount and xfs_buftarg (bsc#1024508). - kabi:severeties: Add splice_write_to_file PASS This function is part of an xfs-specific fix which never went upstream and is not expected to have 3rdparty users other than xfs itself. - kernel-binary.spec: Propagate MAKE_ARGS to %build (bsc#1012422) - keys: Disallow keyrings beginning with '.' to be joined as session keyrings (bnc#1035576). - kvm: kvm_io_bus_unregister_dev() should never fail. - libata: fix sff host state machine locking while polling (bsc#1045525). - libceph: NULL deref on crush_decode() error path (bsc#1044015). - libceph: potential NULL dereference in ceph_msg_data_create() (bsc#1051515). - libfc: fixup locking in fc_disc_stop() (bsc#1029140). - libfc: move 'pending' and 'requested' setting (bsc#1029140). - libfc: only restart discovery after timeout if not already running (bsc#1029140). - lockd: use init_utsname for id encoding (bsc#1033804). - lockd: use rpc client's cl_nodename for id encoding (bsc#1033804). - locking/rtmutex: Prevent dequeue vs. unlock race (bnc#1013018). - math64: New div64_u64_rem helper (bnc#938352). - md: ensure md devices are freed before module is unloaded (git-fixes). - md: fix a null dereference (bsc#1040351). - md: flush ->event_work before stopping array (git-fixes). - md linear: fix a race between linear_add() and linear_congested() (bsc#1018446). - md/linear: shutup lockdep warnning (bsc#1018446). - md: make sure GET_ARRAY_INFO ioctl reports correct 'clean' status (git-fixes). - md/raid0: apply base queue limits *before* disk_stack_limits (git-fixes). - md/raid1: extend spinlock to protect raid1_end_read_request against inconsistencies (git-fixes). - md/raid1: fix test for 'was read error from last working device' (git-fixes). - md/raid5: do not record new size if resize_stripes fails (git-fixes). - md/raid5: Fix CPU hotplug callback registration (git-fixes). - md: use separate bio_pool for metadata writes (bsc#1040351). - megaraid_sas: add missing curly braces in ioctl handler (bsc#1050154). - mlx4: reduce OOM risk on arches with large pages (bsc#919382). - mmc: core: add missing pm event in mmc_pm_notify to fix hib restore (bsc#1045547). - mmc: ushc: fix NULL-deref at probe (bsc#1037191). - mm: do not collapse stack gap into THP (bnc#1039348) - mm: enlarge stack guard gap (bnc#1039348). - mm/huge_memory: replace VM_NO_THP VM_BUG_ON with actual VMA check (VM Functionality, bsc#1042832). - mm: hugetlb: call huge_pte_alloc() only if ptep is null (VM Functionality, bsc#1042832). - mm/memory-failure.c: use compound_head() flags for huge pages (bnc#971975 VM -- git fixes). - mm/mempolicy.c: do not put mempolicy before using its nodemask (References: VM Performance, bnc#931620). - mm, mmap: do not blow on PROT_NONE MAP_FIXED holes in the stack (bnc#1039348, bnc#1045340, bnc#1045406). - module: fix memory leak on early load_module() failures (bsc#1043014). - Move nr_cpus_allowed into a hole in struct_sched_entity instead of the one below task_struct.policy. RT fills the hole 29baa7478ba4 used, which will screw up kABI for RT instead of curing the space needed problem in sched_rt_entity caused by adding ff77e4685359. This leaves nr_cpus_alowed in an odd spot, but safely allows the RT entity specific data added by ff77e4685359 to reside where it belongs.. nr_cpus_allowed just moves from one odd spot to another. - mwifiex: printk() overflow with 32-byte SSIDs (bsc#1048185). - net: avoid reference counter overflows on fib_rules in multicast forwarding (git-fixes). - net: ip6mr: fix static mfc/dev leaks on table destruction (git-fixes). - net: ipmr: fix static mfc/dev leaks on table destruction (git-fixes). - net/mlx4_core: Eliminate warning messages for SRQ_LIMIT under SRIOV (bsc#919382). - net/mlx4_core: Enhance the MAD_IFC wrapper to convert VF port to physical (bsc#919382). - net/mlx4_core: Fix VF overwrite of module param which disables DMFS on new probed PFs (bsc#919382). - net/mlx4_core: Fix when to save some qp context flags for dynamic VST to VGT transitions (bsc#919382). - net/mlx4_core: Get num_tc using netdev_get_num_tc (bsc#919382). - net/mlx4_core: Prevent VF from changing port configuration (bsc#919382). - net/mlx4_core: Use-after-free causes a resource leak in flow-steering detach (bsc#919382). - net/mlx4_core: Use cq quota in SRIOV when creating completion EQs (bsc#919382). - net/mlx4_en: Avoid adding steering rules with invalid ring (bsc#919382). - net/mlx4_en: Change the error print to debug print (bsc#919382). - net/mlx4_en: fix overflow in mlx4_en_init_timestamp() (bsc#919382). - net/mlx4_en: Fix type mismatch for 32-bit systems (bsc#919382). - net/mlx4_en: Resolve dividing by zero in 32-bit system (bsc#919382). - net/mlx4_en: Wake TX queues only when there's enough room (bsc#1039258). - net/mlx4: Fix the check in attaching steering rules (bsc#919382). - net/mlx4: Fix uninitialized fields in rule when adding promiscuous mode to device managed flow steering (bsc#919382). - net: wimax/i2400m: fix NULL-deref at probe (bsc#1037358). - netxen_nic: set rcode to the return status from the call to netxen_issue_cmd (bnc#784815 FATE#313898). - nfs: Avoid getting confused by confused server (bsc#1045416). - nfsd4: minor NFSv2/v3 write decoding cleanup (bsc#1034670). - nfsd: check for oversized NFSv2/v3 arguments (bsc#1034670). - nfsd: do not risk using duplicate owner/file/delegation ids (bsc#1029212). - nfsd: Don't use state id of 0 - it is reserved (bsc#1049688 bsc#1051770). - nfsd: stricter decoding of write-like NFSv2/v3 ops (bsc#1034670). - nfs: Fix another OPEN_DOWNGRADE bug (git-next). - nfs: fix nfs_size_to_loff_t (git-fixes). - nfs: Fix size of NFSACL SETACL operations (git-fixes). - nfs: Make nfs_readdir revalidate less often (bsc#1048232). - nfs: tidy up nfs_show_mountd_netid (git-fixes). - nfsv4: Do not call put_rpccred() under the rcu_read_lock() (git-fixes). - nfsv4: Fix another bug in the close/open_downgrade code (git-fixes). - nfsv4: fix getacl head length estimation (git-fixes). - nfsv4: Fix problems with close in the presence of a delegation (git-fixes). - nfsv4: Fix the underestimation of delegation XDR space reservation (git-fixes). - ocfs2: do not write error flag to user structure we cannot copy from/to (bsc#1013018). - ocfs2: Don't clear SGID when inheriting ACLs (bsc#1030552). - ocfs2: fix crash caused by stale lvb with fsdlm plugin (bsc#1013800). - ocfs2: fix error return code in ocfs2_info_handle_freefrag() (bsc#1013018). - ocfs2: NFS hangs in __ocfs2_cluster_lock due to race with ocfs2_unblock_lock (bsc#962257). - ocfs2: null deref on allocation error (bsc#1013018). - pci: Allow access to VPD attributes with size 0 (bsc#1018074). - pciback: only check PF if actually dealing with a VF (bsc#999245). - pciback: use pci_physfn() (bsc#999245). - pci: Fix devfn for VPD access through function 0 (bnc#943786 git-fixes). - perf/core: Correct event creation with PERF_FORMAT_GROUP (bnc#1013018). - perf/core: Fix event inheritance on fork() (bnc#1013018). - posix-timers: Fix stack info leak in timer_create() (bnc#1013018). - powerpc,cpuidle: Dont toggle CPUIDLE_FLAG_IGNORE while setting smt_snooze_delay (bsc#1023163). - powerpc: Drop support for pre-POWER4 cpus (fate#322495, bsc#1032471). - powerpc/fadump: Fix the race in crash_fadump() (bsc#1022971). - powerpc/fadump: Reserve memory at an offset closer to bottom of RAM (bsc#1032141). - powerpc/fadump: Update fadump documentation (bsc#1032141). - powerpc/mm: Do not alias user region to other regions below PAGE_OFFSET (bsc#928138,fate#319026). - powerpc/mm/hash: Check for non-kernel address in get_kernel_vsid() (fate#322495, bsc#1032471). - powerpc/mm/hash: Convert mask to unsigned long (fate#322495, bsc#1032471). - powerpc/mm/hash: Increase VA range to 128TB (fate#322495, bsc#1032471). - powerpc/mm/hash: Properly mask the ESID bits when building proto VSID (fate#322495, bsc#1032471). - powerpc/mm/hash: Support 68 bit VA (fate#322495, bsc#1032471). - powerpc/mm/hash: Use context ids 1-4 for the kernel (fate#322495, bsc#1032471). - powerpc/mm: Remove checks that TASK_SIZE_USER64 is too small (fate#322495, bsc#1032471). - powerpc/mm/slice: Convert slice_mask high slice to a bitmap (fate#322495, bsc#1032471). - powerpc/mm/slice: Fix off-by-1 error when computing slice mask (fate#322495, bsc#1032471). - powerpc/mm/slice: Move slice_mask struct definition to slice.c (fate#322495, bsc#1032471). - powerpc/mm/slice: Update slice mask printing to use bitmap printing (fate#322495, bsc#1032471). - powerpc/mm/slice: Update the function prototype (fate#322495, bsc#1032471). - powerpc/mm: use macro PGTABLE_EADDR_SIZE instead of digital (fate#322495, bsc#1032471). - powerpc/nvram: Fix an incorrect partition merge (bsc#1016489). - powerpc/pseries: Release DRC when configure_connector fails (bsc#1035777, Pending Base Kernel Fixes). - powerpc: Remove STAB code (fate#322495, bsc#1032471). - powerpc/vdso64: Use double word compare on pointers (bsc#1016489). - raid1: avoid unnecessary spin locks in I/O barrier code (bsc#982783,bsc#1026260). - random32: fix off-by-one in seeding requirement (git-fixes). - rcu: Call out dangers of expedited RCU primitives (bsc#1008893). - rcu: Direct algorithmic SRCU implementation (bsc#1008893). - rcu: Flip ->completed only once per SRCU grace period (bsc#1008893). - rcu: Implement a variant of Peter's SRCU algorithm (bsc#1008893). - rcu: Increment upper bit only for srcu_read_lock() (bsc#1008893). - rcu: Remove fast check path from __synchronize_srcu() (bsc#1008893). - reiserfs: Don't clear SGID when inheriting ACLs (bsc#1030552). - reiserfs: don't preallocate blocks for extended attributes (bsc#990682). - Remove patches causing regression (bsc#1043234) - Remove superfluous make flags (bsc#1012422) - Return short read or 0 at end of a raw device, not EIO (bsc#1039594). - Revert 'kabi:severeties: Add splice_write_to_file PASS' This reverts commit 05ecf7ab16b2ea555fadd1ce17d8177394de88f2. - Revert 'math64: New div64_u64_rem helper' (bnc#938352). - Revert 'xfs: fix up xfs_swap_extent_forks inline extent handling (bsc#1023888).' I was baing my assumption of SLE11-SP4 needing this patch on an old kernel build (3.0.101-63). Re-testing with the latest one 3.0.101-94 shows that the issue is not present. Furthermore this one was causing some crashes. This reverts commit 16ceeac70f7286b6232861c3170ed32e39dcc68c. - rfkill: fix rfkill_fop_read wait_event usage (bsc#1046192). - s390/kmsg: add missing kmsg descriptions (bnc#1025702, LTC#151573). - s390/qdio: clear DSCI prior to scanning multiple input queues (bnc#1046715, LTC#156234). - s390/qeth: no ETH header for outbound AF_IUCV (bnc#1046715, LTC#156276). - s390/qeth: size calculation outbound buffers (bnc#1046715, LTC#156276). - s390/vmlogrdr: fix IUCV buffer allocation (bnc#1025702, LTC#152144). - s390/zcrypt: Introduce CEX6 toleration (FATE#321782, LTC#147505). - sched: Always initialize cpu-power (bnc#1013018). - sched: Avoid cputime scaling overflow (bnc#938352). - sched: Avoid prev->stime underflow (bnc#938352). - sched/core: Fix TASK_DEAD race in finish_task_switch() (bnc#1013018). - sched/core: Remove false-positive warning from wake_up_process() (bnc#1044882). - sched/cputime: Do not scale when utime == 0 (bnc#938352). - sched/debug: Print the scheduler topology group mask (bnc#1013018). - sched: Do not account bogus utime (bnc#938352). - sched/fair, cpumask: Export for_each_cpu_wrap() (bnc#1013018). - sched/fair: Fix min_vruntime tracking (bnc#1013018). - sched: Fix domain iteration (bnc#1013018). - sched: Fix SD_OVERLAP (bnc#1013018). - sched/loadavg: Fix loadavg artifacts on fully idle and on fully loaded systems (bnc#1013018). - sched: Lower chances of cputime scaling overflow (bnc#938352). - sched: Move nr_cpus_allowed out of 'struct sched_rt_entity' (bnc#1013018). Prep for b60205c7c558 sched/fair: Fix min_vruntime tracking - sched: Rename a misleading variable in build_overlap_sched_groups() (bnc#1013018). - sched/rt: Fix PI handling vs. sched_setscheduler() (bnc#1013018). Prep for b60205c7c558 sched/fair: Fix min_vruntime tracking - sched/topology: Fix building of overlapping sched-groups (bnc#1013018). - sched/topology: Fix overlapping sched_group_capacity (bnc#1013018). - sched/topology: Fix overlapping sched_group_mask (bnc#1013018). - sched/topology: Move comment about asymmetric node setups (bnc#1013018). - sched/topology: Optimize build_group_mask() (bnc#1013018). - sched/topology: Refactor function build_overlap_sched_groups() (bnc#1013018). - sched/topology: Remove FORCE_SD_OVERLAP (bnc#1013018). - sched/topology: Simplify build_overlap_sched_groups() (bnc#1013018). - sched/topology: Verify the first group matches the child domain (bnc#1013018). - sched: Use swap() macro in scale_stime() (bnc#938352). - scsi: bnx2i: missing error code in bnx2i_ep_connect() (bsc#1048221). - scsi: fix race between simultaneous decrements of ->host_failed (bsc#1050154). - scsi: fnic: Correcting rport check location in fnic_queuecommand_lck (bsc#1035920). - scsi: mvsas: fix command_active typo (bsc#1050154). - scsi: qla2xxx: Fix scsi scan hang triggered if adapter fails during init (bsc#1050154). - scsi: virtio_scsi: fix memory leak on full queue condition (bsc#1028880). - scsi: zfcp: do not trace pure benign residual HBA responses at default level (bnc#1025702, LTC#151317). - scsi: zfcp: fix rport unblock race with LUN recovery (bnc#1025702, LTC#151319). - scsi: zfcp: fix use-after-free by not tracing WKA port open/close on failed send (bnc#1025702, LTC#151365). - scsi: zfcp: fix use-after-'free' in FC ingress path after TMF (bnc#1025702, LTC#151312). - sfc: do not device_attach if a reset is pending (bsc#909618 FATE#317521). - sfc: reduce severity of PIO buffer alloc failures (bsc#1019168). - smsc75xx: use skb_cow_head() to deal with cloned skbs (bsc#1045154). - splice: Stub splice_write_to_file (bsc#1043234). - sunrpc: Clean up the slot table allocation (bsc#1013862). - sunrpc: Fix a memory leak in the backchannel code (git-fixes). - sunrpc: Initalise the struct xprt upon allocation (bsc#1013862). - svcrdma: Fix send_reply() scatter/gather set-up (git-fixes). - target/iscsi: Fix double free in lio_target_tiqn_addtpg() (bsc#1050154). - tcp: abort orphan sockets stalling on zero window probes (bsc#1021913). - tracing: Fix syscall_*regfunc() vs copy_process() race (bnc#1042687). - tracing/kprobes: Enforce kprobes teardown after testing (bnc#1013018). - udf: Fix deadlock between writeback and udf_setsize() (bsc#1013018). - udf: Fix races with i_size changes during readpage (bsc#1013018). - Update metadata for serial fixes (bsc#1013070) - Update patches.fixes/nfs-svc-rdma.fix (bsc#1044854). - usb: cdc-acm: fix broken runtime suspend (bsc#1033771). - usb: cdc-acm: fix open and suspend race (bsc#1033771). - usb: cdc-acm: fix potential urb leak and PM imbalance in write (bsc#1033771). - usb: cdc-acm: fix runtime PM for control messages (bsc#1033771). - usb: cdc-acm: fix runtime PM imbalance at shutdown (bsc#1033771). - usb: cdc-acm: fix shutdown and suspend race (bsc#1033771). - usb: cdc-acm: fix write and resume race (bsc#1033771). - usb: cdc-acm: fix write and suspend race (bsc#1033771). - usb: class: usbtmc.c: Cleaning up uninitialized variables (bsc#1036288). - usb: class: usbtmc: do not print error when allocating urb fails (bsc#1036288). - usb: class: usbtmc: do not print on ENOMEM (bsc#1036288). - usb: hub: Fix crash after failure to read BOS descriptor (FATE#317453). - usb: iowarrior: fix info ioctl on big-endian hosts (bsc#1037441). - usb: iowarrior: fix NULL-deref in write (bsc#1037359). - usb: r8a66597-hcd: select a different endpoint on timeout (bsc#1047053). - usb: serial: ark3116: fix register-accessor error handling (git-fixes). - usb: serial: ch341: fix open error handling (bsc#1037441). - usb: serial: cp210x: fix tiocmget error handling (bsc#1037441). - usb: serial: ftdi_sio: fix line-status over-reporting (bsc#1037441). - usb: serial: io_edgeport: fix epic-descriptor handling (bsc#1037441). - usb: serial: io_ti: fix information leak in completion handler (git-fixes). - usb: serial: iuu_phoenix: fix NULL-deref at open (bsc#1033794). - usb: serial: kl5kusb105: fix line-state error handling (bsc#1021256). - usb: serial: mos7720: fix NULL-deref at open (bsc#1033816). - usb: serial: mos7720: fix parallel probe (bsc#1033816). - usb: serial: mos7720: fix parport use-after-free on probe errors (bsc#1033816). - usb: serial: mos7720: fix use-after-free on probe errors (bsc#1033816). - usb: serial: mos7840: fix another NULL-deref at open (bsc#1034026). - usb: serial: mos7840: fix NULL-deref at open (bsc#1034026). - usb: serial: oti6858: fix NULL-deref at open (bsc#1037441). - usb: serial: sierra: fix bogus alternate-setting assumption (bsc#1037441). - usb: serial: spcp8x5: fix NULL-deref at open (bsc#1037441). - usbtmc: remove redundant braces (bsc#1036288). - usbtmc: remove trailing spaces (bsc#1036288). - usb: usbip: fix nonconforming hub descriptor (bsc#1047487). - usb: usbtmc: add device quirk for Rigol DS6104 (bsc#1036288). - usb: usbtmc: Add flag rigol_quirk to usbtmc_device_data (bsc#1036288). - usb: usbtmc: add missing endpoint sanity check (bsc#1036288). - usb: usbtmc: Change magic number to constant (bsc#1036288). - usb: usbtmc: fix big-endian probe of Rigol devices (bsc#1036288). - usb: usbtmc: fix DMA on stack (bsc#1036288). - usb: usbtmc: fix probe error path (bsc#1036288). - usb: usbtmc: Set rigol_quirk if device is listed (bsc#1036288). - usb: usbtmc: TMC request code segregated from usbtmc_read (bsc#1036288). - usb: usbtmc: usbtmc_read sends multiple TMC header based on rigol_quirk (bsc#1036288). - usbvision: fix NULL-deref at probe (bsc#1050431). - usb: xhci-mem: use passed in GFP flags instead of GFP_KERNEL (bsc#1023014). - Use make --output-sync feature when available (bsc#1012422). The mesages in make output can interleave making it impossible to extract warnings reliably. Since version 4 GNU Make supports --output-sync flag that prints output of each sub-command atomically preventing this issue. Detect the flag and use it if available. SLE11 has make 3.81 so it is required to include make 4 in the kernel OBS projects to take advantege of this. - Use PF_LESS_THROTTLE in loop device thread (bsc#1027101). - uwb: hwa-rc: fix NULL-deref at probe (bsc#1037233). - uwb: i1480-dfu: fix NULL-deref at probe (bsc#1036629). - vb2: Fix an off by one error in 'vb2_plane_vaddr' (bsc#1050431). - vfs: split generic splice code from i_mutex locking (bsc#1024788). - vmxnet3: avoid calling pskb_may_pull with interrupts disabled (bsc#1045356). - vmxnet3: fix checks for dma mapping errors (bsc#1045356). - vmxnet3: fix lock imbalance in vmxnet3_tq_xmit() (bsc#1045356). - vmxnet3: segCnt can be 1 for LRO packets (bsc#988065, bsc#1029770). - x86, mm, paravirt: Fix vmalloc_fault oops during lazy MMU updates (bsc#948562). - x86/pci-calgary: Fix iommu_free() comparison of unsigned expression >= 0 (bsc#1051478). - xen: avoid deadlock in xenbus (bnc#1047523). - xen-blkfront: correct maximum segment accounting (bsc#1018263). - xen-blkfront: do not call talk_to_blkback when already connected to blkback. - xen-blkfront: free resources if xlvbd_alloc_gendisk fails. - xen/PCI-MSI: fix sysfs teardown in DomU (bsc#986924). - xfrm: dst_entries_init() per-net dst_ops (bsc#1030814). - xfrm: NULL dereference on allocation failure (bsc#1047343). - xfrm: Oops on error in pfkey_msg2xfrm_state() (bsc#1047653). - xfs_dmapi: fix the debug compilation of xfs_dmapi (bsc#989056). - xfs: do not assert fail on non-async buffers on ioacct decrement (bsc#1024508). - xfs: exclude never-released buffers from buftarg I/O accounting (bsc#1024508). - xfs: fix buffer overflow dm_get_dirattrs/dm_get_dirattrs2 (bsc#989056). - xfs: Fix lock ordering in splice write (bsc#1024788). - xfs: fix up xfs_swap_extent_forks inline extent handling (bsc#1023888). - xfs: kill xfs_itruncate_start (bsc#1024788). - xfs: Make xfs_icdinode->di_dmstate atomic_t (bsc#1024788). - xfs: remove the i_new_size field in struct xfs_inode (bsc#1024788). - xfs: remove the i_size field in struct xfs_inode (bsc#1024788). - xfs: remove xfs_itruncate_data (bsc#1024788). - xfs: replace global xfslogd wq with per-mount wq (bsc#1024508). - xfs: split xfs_itruncate_finish (bsc#1024788). - xfs: split xfs_setattr (bsc#1024788). - xfs: Synchronize xfs_buf disposal routines (bsc#1041160). - xfs: track and serialize in-flight async buffers against unmount (bsc#1024508). - xfs: use ->b_state to fix buffer I/O accounting release race (bsc#1041160). - xprtrdma: Free the pd if ib_query_qp() fails (git-fixes).

Patchnames: slertesp4-kernel-rt-13262

CVE-2014-9922

7 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2015-3288

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2015-8970

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2016-10200

7 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2016-2188

4.6 (Medium)


                        
                          CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2016-4997

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2016-5243

5.5 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2016-7117

8.1 (High)


                        
                          CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-1000363

6.8 (Medium)


                        
                          CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-1000364

8.4 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-1000365

2.9 (Low)


                        
                          CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2017-1000380

4 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2017-11176

7.3 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-11473

6.4 (Medium)


                        
                          CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-2636

7 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-2647

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-2671

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-5669

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-5970

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-5986

5.5 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-6074

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-6214

7.5 (High)


                        
                          CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-6348

6.2 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-6353

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-6951

5.5 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-7184

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-7187

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-7261

5.5 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-7294

6.1 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-7308

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-7482

6.6 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-7487

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-7533

7.4 (High)


                        
                          CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-7542

6.2 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-7616

4 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-8890

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-8924

4 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2017-8925

4 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2017-9074

5.5 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-9075

5.5 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-9076

6.2 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-9077

5.5 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-9242

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 8 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64	—	Vendor Fix

Threats

Impact important

References

408 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1003077	self
https://bugzilla.suse.com/1005651	self
https://bugzilla.suse.com/1008374	self
https://bugzilla.suse.com/1008850	self
https://bugzilla.suse.com/1008893	self
https://bugzilla.suse.com/1012422	self
https://bugzilla.suse.com/1013018	self
https://bugzilla.suse.com/1013070	self
https://bugzilla.suse.com/1013800	self
https://bugzilla.suse.com/1013862	self
https://bugzilla.suse.com/1016489	self
https://bugzilla.suse.com/1017143	self
https://bugzilla.suse.com/1018074	self
https://bugzilla.suse.com/1018263	self
https://bugzilla.suse.com/1018446	self
https://bugzilla.suse.com/1019168	self
https://bugzilla.suse.com/1020229	self
https://bugzilla.suse.com/1021256	self
https://bugzilla.suse.com/1021913	self
https://bugzilla.suse.com/1022971	self
https://bugzilla.suse.com/1023014	self
https://bugzilla.suse.com/1023051	self
https://bugzilla.suse.com/1023163	self
https://bugzilla.suse.com/1023888	self
https://bugzilla.suse.com/1024508	self
https://bugzilla.suse.com/1024788	self
https://bugzilla.suse.com/1024938	self
https://bugzilla.suse.com/1025235	self
https://bugzilla.suse.com/1025702	self
https://bugzilla.suse.com/1026024	self
https://bugzilla.suse.com/1026260	self
https://bugzilla.suse.com/1026722	self
https://bugzilla.suse.com/1026914	self
https://bugzilla.suse.com/1027066	self
https://bugzilla.suse.com/1027101	self
https://bugzilla.suse.com/1027178	self
https://bugzilla.suse.com/1027565	self
https://bugzilla.suse.com/1028372	self
https://bugzilla.suse.com/1028415	self
https://bugzilla.suse.com/1028880	self
https://bugzilla.suse.com/1029140	self
https://bugzilla.suse.com/1029212	self
https://bugzilla.suse.com/1029770	self
https://bugzilla.suse.com/1029850	self
https://bugzilla.suse.com/1030213	self
https://bugzilla.suse.com/1030552	self
https://bugzilla.suse.com/1030573	self
https://bugzilla.suse.com/1030593	self
https://bugzilla.suse.com/1030814	self
https://bugzilla.suse.com/1031003	self
https://bugzilla.suse.com/1031052	self
https://bugzilla.suse.com/1031440	self
https://bugzilla.suse.com/1031579	self
https://bugzilla.suse.com/1032141	self
https://bugzilla.suse.com/1032340	self
https://bugzilla.suse.com/1032471	self
https://bugzilla.suse.com/1033287	self
https://bugzilla.suse.com/1033336	self
https://bugzilla.suse.com/1033771	self
https://bugzilla.suse.com/1033794	self
https://bugzilla.suse.com/1033804	self
https://bugzilla.suse.com/1033816	self
https://bugzilla.suse.com/1034026	self
https://bugzilla.suse.com/1034670	self
https://bugzilla.suse.com/1035576	self
https://bugzilla.suse.com/1035777	self
https://bugzilla.suse.com/1035920	self
https://bugzilla.suse.com/1036056	self
https://bugzilla.suse.com/1036288	self
https://bugzilla.suse.com/1036629	self
https://bugzilla.suse.com/1037182	self
https://bugzilla.suse.com/1037183	self
https://bugzilla.suse.com/1037191	self
https://bugzilla.suse.com/1037193	self
https://bugzilla.suse.com/1037227	self
https://bugzilla.suse.com/1037232	self
https://bugzilla.suse.com/1037233	self
https://bugzilla.suse.com/1037356	self
https://bugzilla.suse.com/1037358	self
https://bugzilla.suse.com/1037359	self
https://bugzilla.suse.com/1037441	self
https://bugzilla.suse.com/1038544	self
https://bugzilla.suse.com/1038879	self
https://bugzilla.suse.com/1038981	self
https://bugzilla.suse.com/1038982	self
https://bugzilla.suse.com/1039258	self
https://bugzilla.suse.com/1039348	self
https://bugzilla.suse.com/1039354	self
https://bugzilla.suse.com/1039456	self
https://bugzilla.suse.com/1039594	self
https://bugzilla.suse.com/1039882	self
https://bugzilla.suse.com/1039883	self
https://bugzilla.suse.com/1039885	self
https://bugzilla.suse.com/1040069	self
https://bugzilla.suse.com/1040351	self
https://bugzilla.suse.com/1041160	self
https://bugzilla.suse.com/1041431	self
https://bugzilla.suse.com/1041762	self
https://bugzilla.suse.com/1041975	self
https://bugzilla.suse.com/1042045	self
https://bugzilla.suse.com/1042200	self
https://bugzilla.suse.com/1042615	self
https://bugzilla.suse.com/1042633	self
https://bugzilla.suse.com/1042687	self
https://bugzilla.suse.com/1042832	self
https://bugzilla.suse.com/1043014	self
https://bugzilla.suse.com/1043234	self
https://bugzilla.suse.com/1043935	self
https://bugzilla.suse.com/1044015	self
https://bugzilla.suse.com/1044125	self
https://bugzilla.suse.com/1044216	self
https://bugzilla.suse.com/1044230	self
https://bugzilla.suse.com/1044854	self
https://bugzilla.suse.com/1044882	self
https://bugzilla.suse.com/1044913	self
https://bugzilla.suse.com/1044985	self
https://bugzilla.suse.com/1045154	self
https://bugzilla.suse.com/1045340	self
https://bugzilla.suse.com/1045356	self
https://bugzilla.suse.com/1045406	self
https://bugzilla.suse.com/1045416	self
https://bugzilla.suse.com/1045525	self
https://bugzilla.suse.com/1045538	self
https://bugzilla.suse.com/1045547	self
https://bugzilla.suse.com/1045615	self
https://bugzilla.suse.com/1046107	self
https://bugzilla.suse.com/1046122	self
https://bugzilla.suse.com/1046192	self
https://bugzilla.suse.com/1046715	self
https://bugzilla.suse.com/1047027	self
https://bugzilla.suse.com/1047053	self
https://bugzilla.suse.com/1047343	self
https://bugzilla.suse.com/1047354	self
https://bugzilla.suse.com/1047487	self
https://bugzilla.suse.com/1047523	self
https://bugzilla.suse.com/1047653	self
https://bugzilla.suse.com/1048185	self
https://bugzilla.suse.com/1048221	self
https://bugzilla.suse.com/1048232	self
https://bugzilla.suse.com/1048275	self
https://bugzilla.suse.com/1049483	self
https://bugzilla.suse.com/1049603	self
https://bugzilla.suse.com/1049688	self
https://bugzilla.suse.com/1049882	self
https://bugzilla.suse.com/1050154	self
https://bugzilla.suse.com/1050431	self
https://bugzilla.suse.com/1051478	self
https://bugzilla.suse.com/1051515	self
https://bugzilla.suse.com/1051770	self
https://bugzilla.suse.com/784815	self
https://bugzilla.suse.com/792863	self
https://bugzilla.suse.com/799133	self
https://bugzilla.suse.com/870618	self
https://bugzilla.suse.com/909486	self
https://bugzilla.suse.com/909618	self
https://bugzilla.suse.com/911105	self
https://bugzilla.suse.com/919382	self
https://bugzilla.suse.com/928138	self
https://bugzilla.suse.com/931620	self
https://bugzilla.suse.com/938352	self
https://bugzilla.suse.com/943786	self
https://bugzilla.suse.com/948562	self
https://bugzilla.suse.com/962257	self
https://bugzilla.suse.com/970956	self
https://bugzilla.suse.com/971975	self
https://bugzilla.suse.com/972891	self
https://bugzilla.suse.com/979021	self
https://bugzilla.suse.com/982783	self
https://bugzilla.suse.com/983212	self
https://bugzilla.suse.com/985561	self
https://bugzilla.suse.com/986362	self
https://bugzilla.suse.com/986365	self
https://bugzilla.suse.com/986924	self
https://bugzilla.suse.com/988065	self
https://bugzilla.suse.com/989056	self
https://bugzilla.suse.com/990682	self
https://bugzilla.suse.com/991651	self
https://bugzilla.suse.com/995542	self
https://bugzilla.suse.com/999245	self
https://www.suse.com/security/cve/CVE-2014-9922/	self
https://www.suse.com/security/cve/CVE-2015-3288/	self
https://www.suse.com/security/cve/CVE-2015-8970/	self
https://www.suse.com/security/cve/CVE-2016-10200/	self
https://www.suse.com/security/cve/CVE-2016-2188/	self
https://www.suse.com/security/cve/CVE-2016-4997/	self
https://www.suse.com/security/cve/CVE-2016-5243/	self
https://www.suse.com/security/cve/CVE-2016-7117/	self
https://www.suse.com/security/cve/CVE-2017-1000363/	self
https://www.suse.com/security/cve/CVE-2017-1000364/	self
https://www.suse.com/security/cve/CVE-2017-1000365/	self
https://www.suse.com/security/cve/CVE-2017-1000380/	self
https://www.suse.com/security/cve/CVE-2017-11176/	self
https://www.suse.com/security/cve/CVE-2017-11473/	self
https://www.suse.com/security/cve/CVE-2017-2636/	self
https://www.suse.com/security/cve/CVE-2017-2647/	self
https://www.suse.com/security/cve/CVE-2017-2671/	self
https://www.suse.com/security/cve/CVE-2017-5669/	self
https://www.suse.com/security/cve/CVE-2017-5970/	self
https://www.suse.com/security/cve/CVE-2017-5986/	self
https://www.suse.com/security/cve/CVE-2017-6074/	self
https://www.suse.com/security/cve/CVE-2017-6214/	self
https://www.suse.com/security/cve/CVE-2017-6348/	self
https://www.suse.com/security/cve/CVE-2017-6353/	self
https://www.suse.com/security/cve/CVE-2017-6951/	self
https://www.suse.com/security/cve/CVE-2017-7184/	self
https://www.suse.com/security/cve/CVE-2017-7187/	self
https://www.suse.com/security/cve/CVE-2017-7261/	self
https://www.suse.com/security/cve/CVE-2017-7294/	self
https://www.suse.com/security/cve/CVE-2017-7308/	self
https://www.suse.com/security/cve/CVE-2017-7482/	self
https://www.suse.com/security/cve/CVE-2017-7487/	self
https://www.suse.com/security/cve/CVE-2017-7533/	self
https://www.suse.com/security/cve/CVE-2017-7542/	self
https://www.suse.com/security/cve/CVE-2017-7616/	self
https://www.suse.com/security/cve/CVE-2017-8890/	self
https://www.suse.com/security/cve/CVE-2017-8924/	self
https://www.suse.com/security/cve/CVE-2017-8925/	self
https://www.suse.com/security/cve/CVE-2017-9074/	self
https://www.suse.com/security/cve/CVE-2017-9075/	self
https://www.suse.com/security/cve/CVE-2017-9076/	self
https://www.suse.com/security/cve/CVE-2017-9077/	self
https://www.suse.com/security/cve/CVE-2017-9242/	self
https://www.suse.com/security/cve/CVE-2014-9922	external
https://bugzilla.suse.com/1032340	external
https://www.suse.com/security/cve/CVE-2015-3288	external
https://bugzilla.suse.com/1115893	external
https://bugzilla.suse.com/979021	external
https://www.suse.com/security/cve/CVE-2015-8970	external
https://bugzilla.suse.com/1008374	external
https://bugzilla.suse.com/1008850	external
https://www.suse.com/security/cve/CVE-2016-10200	external
https://bugzilla.suse.com/1027179	external
https://bugzilla.suse.com/1028415	external
https://www.suse.com/security/cve/CVE-2016-2188	external
https://bugzilla.suse.com/1020452	external
https://bugzilla.suse.com/1067912	external
https://bugzilla.suse.com/1132190	external
https://bugzilla.suse.com/970956	external
https://www.suse.com/security/cve/CVE-2016-4997	external
https://bugzilla.suse.com/1020452	external
https://bugzilla.suse.com/986362	external
https://bugzilla.suse.com/986365	external
https://bugzilla.suse.com/986377	external
https://bugzilla.suse.com/991651	external
https://www.suse.com/security/cve/CVE-2016-5243	external
https://bugzilla.suse.com/983212	external
https://bugzilla.suse.com/986225	external
https://www.suse.com/security/cve/CVE-2016-7117	external
https://bugzilla.suse.com/1003077	external
https://bugzilla.suse.com/1003253	external
https://bugzilla.suse.com/1057478	external
https://bugzilla.suse.com/1071943	external
https://www.suse.com/security/cve/CVE-2017-1000363	external
https://bugzilla.suse.com/1039456	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-1000364	external
https://bugzilla.suse.com/1039346	external
https://bugzilla.suse.com/1039348	external
https://bugzilla.suse.com/1042200	external
https://bugzilla.suse.com/1044985	external
https://bugzilla.suse.com/1071943	external
https://bugzilla.suse.com/1075506	external
https://bugzilla.suse.com/1077345	external
https://bugzilla.suse.com/1115893	external
https://bugzilla.suse.com/1149726	external
https://www.suse.com/security/cve/CVE-2017-1000365	external
https://bugzilla.suse.com/1037551	external
https://bugzilla.suse.com/1039346	external
https://bugzilla.suse.com/1039349	external
https://bugzilla.suse.com/1039354	external
https://bugzilla.suse.com/1054557	external
https://bugzilla.suse.com/1077345	external
https://www.suse.com/security/cve/CVE-2017-1000380	external
https://bugzilla.suse.com/1044125	external
https://www.suse.com/security/cve/CVE-2017-11176	external
https://bugzilla.suse.com/1048275	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-11473	external
https://bugzilla.suse.com/1049603	external
https://bugzilla.suse.com/1061680	external
https://bugzilla.suse.com/1087082	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-2636	external
https://bugzilla.suse.com/1027565	external
https://bugzilla.suse.com/1027575	external
https://bugzilla.suse.com/1028372	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-2647	external
https://bugzilla.suse.com/1030593	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-2671	external
https://bugzilla.suse.com/1027179	external
https://bugzilla.suse.com/1031003	external
https://bugzilla.suse.com/1087082	external
https://www.suse.com/security/cve/CVE-2017-5669	external
https://bugzilla.suse.com/1026914	external
https://bugzilla.suse.com/1102390	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-5970	external
https://bugzilla.suse.com/1024938	external
https://bugzilla.suse.com/1025013	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-5986	external
https://bugzilla.suse.com/1025235	external
https://bugzilla.suse.com/1027066	external
https://www.suse.com/security/cve/CVE-2017-6074	external
https://bugzilla.suse.com/1026024	external
https://bugzilla.suse.com/1072204	external
https://www.suse.com/security/cve/CVE-2017-6214	external
https://bugzilla.suse.com/1026722	external
https://bugzilla.suse.com/1027179	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-6348	external
https://bugzilla.suse.com/1027178	external
https://bugzilla.suse.com/1087082	external
https://www.suse.com/security/cve/CVE-2017-6353	external
https://bugzilla.suse.com/1025235	external
https://bugzilla.suse.com/1027066	external
https://www.suse.com/security/cve/CVE-2017-6951	external
https://bugzilla.suse.com/1029850	external
https://bugzilla.suse.com/1030593	external
https://www.suse.com/security/cve/CVE-2017-7184	external
https://bugzilla.suse.com/1030573	external
https://bugzilla.suse.com/1030575	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-7187	external
https://bugzilla.suse.com/1027179	external
https://bugzilla.suse.com/1030213	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-7261	external
https://bugzilla.suse.com/1027179	external
https://bugzilla.suse.com/1031052	external
https://www.suse.com/security/cve/CVE-2017-7294	external
https://bugzilla.suse.com/1027179	external
https://bugzilla.suse.com/1031440	external
https://bugzilla.suse.com/1031481	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-7308	external
https://bugzilla.suse.com/1027179	external
https://bugzilla.suse.com/1031579	external
https://bugzilla.suse.com/1031660	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-7482	external
https://bugzilla.suse.com/1046107	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-7487	external
https://bugzilla.suse.com/1038879	external
https://bugzilla.suse.com/1038883	external
https://bugzilla.suse.com/1038981	external
https://bugzilla.suse.com/1038982	external
https://bugzilla.suse.com/1072204	external
https://bugzilla.suse.com/1115893	external
https://bugzilla.suse.com/870618	external
https://www.suse.com/security/cve/CVE-2017-7533	external
https://bugzilla.suse.com/1049483	external
https://bugzilla.suse.com/1050677	external
https://bugzilla.suse.com/1050751	external
https://bugzilla.suse.com/1053919	external
https://www.suse.com/security/cve/CVE-2017-7542	external
https://bugzilla.suse.com/1049882	external
https://bugzilla.suse.com/1061936	external
https://www.suse.com/security/cve/CVE-2017-7616	external
https://bugzilla.suse.com/1033336	external
https://www.suse.com/security/cve/CVE-2017-8890	external
https://bugzilla.suse.com/1038544	external
https://bugzilla.suse.com/1038564	external
https://bugzilla.suse.com/1039883	external
https://bugzilla.suse.com/1039885	external
https://bugzilla.suse.com/1040069	external
https://bugzilla.suse.com/1042364	external
https://bugzilla.suse.com/1051906	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-8924	external
https://bugzilla.suse.com/1037182	external
https://bugzilla.suse.com/1038981	external
https://bugzilla.suse.com/1038982	external
https://bugzilla.suse.com/870618	external
https://www.suse.com/security/cve/CVE-2017-8925	external
https://bugzilla.suse.com/1037183	external
https://bugzilla.suse.com/1038981	external
https://bugzilla.suse.com/1038982	external
https://bugzilla.suse.com/870618	external
https://www.suse.com/security/cve/CVE-2017-9074	external
https://bugzilla.suse.com/1039882	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-9075	external
https://bugzilla.suse.com/1038544	external
https://bugzilla.suse.com/1039883	external
https://bugzilla.suse.com/1051906	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-9076	external
https://bugzilla.suse.com/1038544	external
https://bugzilla.suse.com/1039885	external
https://bugzilla.suse.com/1040069	external
https://bugzilla.suse.com/1051906	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-9077	external
https://bugzilla.suse.com/1038544	external
https://bugzilla.suse.com/1040069	external
https://bugzilla.suse.com/1042364	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-9242	external
https://bugzilla.suse.com/1041431	external
https://bugzilla.suse.com/1042892	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\n\nThe SUSE Linux Enterprise 11 SP4 RT kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2014-9922: The eCryptfs subsystem in the Linux kernel allowed local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c (bsc#1032340).\n- CVE-2015-3288: mm/memory.c in the Linux kernel mishandled anonymous pages, which allowed local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero (bnc#979021).\n- CVE-2015-8970: crypto/algif_skcipher.c in the Linux kernel did not verify that a setkey operation has been performed on an AF_ALG socket before an accept system call is processed, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted application that did not supply a key, related to the lrw_crypt function in crypto/lrw.c (bnc#1008374 bsc#1008850).\n- CVE-2016-10200: Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c (bnc#1028415).\n- CVE-2016-2188: The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel allowed physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor (bnc#970956).\n- CVE-2016-4997: The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement (bnc#986362).\n- CVE-2016-4998: The IPT_SO_SET_REPLACE setsockopt implementation in the netfilter subsystem in the Linux kernel allowed local users to cause a denial of service (out-of-bounds read) or possibly obtain sensitive information from kernel heap memory by leveraging in-container root access to provide a crafted offset value that leads to crossing a ruleset blob boundary (bnc#986365).\n- CVE-2016-5243: The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel did not properly copy a certain string, which allowed local users to obtain sensitive information from kernel stack memory by reading a Netlink message (bnc#983212).\n- CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bnc#1003077).\n- CVE-2017-1000363: A buffer overflow in kernel commandline handling of the \u0027lp\u0027 parameter could be used to bypass certain secure boot settings. (bnc#1039456).\n- CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be \u0027jumped\u0027 over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010) (bnc#1039348).\n- CVE-2017-1000365: The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but did not take the argument and environment pointers into account, which allowed attackers to bypass this limitation (bnc#1039354).\n- CVE-2017-1000380: sound/core/timer.c in the Linux kernel is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time (bnc#1044125).\n- CVE-2017-11176: The mq_notify function in the Linux kernel did not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allowed attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact (bnc#1048275).\n- CVE-2017-11473: Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel allowed local users to gain privileges via a crafted ACPI table (bsc#1049603).\n- CVE-2017-2636: Race condition in drivers/tty/n_hdlc.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline (bnc#1027565 bsc#1028372).\n- CVE-2017-2647: The KEYS subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c (bnc#1030593).\n- CVE-2017-2671: The ping_unhash function in net/ipv4/ping.c in the Linux kernel is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allowed local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call (bnc#1031003).\n- CVE-2017-5669: The do_shmat function in ipc/shm.c in the Linux kernel did not restrict the address calculated by a certain rounding operation, which allowed local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context (bnc#1026914).\n- CVE-2017-5970: The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel allowed attackers to cause a denial of service (system crash) via (1) an application that made crafted system calls or possibly (2) IPv4 traffic with invalid IP options (bnc#1024938).\n- CVE-2017-5986: Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel allowed local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state (bnc#1025235).\n- CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandled DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allowed local users to obtain root privileges or cause a denial of service (double free) via an application that made an IPV6_RECVPKTINFO setsockopt system call (bnc#1026024 bsc#1033287).\n- CVE-2017-6214: The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel allowed remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag (bnc#1026722).\n- CVE-2017-6348: The hashbin_delete function in net/irda/irqueue.c in the Linux kernel improperly manages lock dropping, which allowed local users to cause a denial of service (deadlock) via crafted operations on IrDA devices (bnc#1027178).\n- CVE-2017-6353: net/sctp/socket.c in the Linux kernel did not properly restrict association peel-off operations during certain wait states, which allowed local users to cause a denial of service (invalid unlock and double free) via a multithreaded application.  NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986 (bnc#1027066).\n- CVE-2017-6951: The keyring_search_aux function in security/keys/keyring.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the \u0027dead\u0027 type (bnc#1029850).\n- CVE-2017-7184: The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel did not validate certain size data after an XFRM_MSG_NEWAE update, which allowed local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52 (bnc#1030573).\n- CVE-2017-7187: The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function (bnc#1030213).\n- CVE-2017-7261: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not check for a zero value of certain levels data, which allowed local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031052).\n- CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031440).\n- CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls (bnc#1031579).\n- CVE-2017-7482: Fixed a potential overflow in the net/rxprc where a padded len isn\u0027t checked in ticket decode (bsc#1046107).\n- CVE-2017-7487: The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel mishandled reference counts, which allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface (bnc#1038879).\n- CVE-2017-7533: Race condition in the fsnotify implementation in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions (bsc#1049483).\n- CVE-2017-7542: The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel allowed local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket (bsc#1049882).\n- CVE-2017-7616: Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel allowed local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation (bnc#1033336).\n- CVE-2017-8890: The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call (bnc#1038544).\n- CVE-2017-8924: The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel allowed local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow (bnc#1037182 bsc#1038982).\n- CVE-2017-8925: The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel allowed local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling (bnc#1037183 bsc#1038981).\n- CVE-2017-9074: The IPv6 fragmentation implementation in the Linux kernel did not consider that the nexthdr field may be associated with an invalid option, which allowed local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls (bnc#1039882).\n- CVE-2017-9075: The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039883).\n- CVE-2017-9076: The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039885).\n- CVE-2017-9077: The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1040069).\n- CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bnc#1041431).\n\nThe following non-security bugs were fixed:\n\n- 8250: use callbacks to access UART_DLL/UART_DLM.\n- acpi: Disable APEI error injection if securelevel is set (bsc#972891, bsc#1023051).\n- af_key: Add lock to key dump (bsc#1047653).\n- af_key: Fix slab-out-of-bounds in pfkey_compile_policy (bsc#1047354).\n- alsa: ctxfi: Fallback DMA mask to 32bit (bsc#1045538).\n- alsa: hda - Fix regression of HD-audio controller fallback modes (bsc#1045538).\n- alsa: hda/realtek - Correction of fixup codes for PB V7900 laptop (bsc#1045538).\n- alsa: hda/realtek - Fix COEF widget NID for ALC260 replacer fixup (bsc#1045538).\n- alsa: hda - using uninitialized data (bsc#1045538).\n- alsa: off by one bug in snd_riptide_joystick_probe() (bsc#1045538).\n- alsa: seq: Fix snd_seq_call_port_info_ioctl in compat mode (bsc#1045538).\n- ath9k: fix buffer overrun for ar9287 (bsc#1045538).\n- __bitmap_parselist: fix bug in empty string handling (bnc#1042633).\n- blacklist.conf: Add a few inapplicable items (bsc#1045538).\n- blacklist.conf: blacklisted 1fe89e1b6d27 (bnc#1046122)\n- block: do not allow updates through sysfs until registration completes (bsc#1047027).\n- block: fix ext_dev_lock lockdep report (bsc#1050154).\n- btrfs: Don\u0027t clear SGID when inheriting ACLs (bsc#1030552).\n- cifs: backport prepath matching fix (bsc#799133).\n- cifs: don\u0027t compare uniqueids in cifs_prime_dcache unless server inode numbers are in use (bsc#1041975).\n- cifs: small underflow in cnvrtDosUnixTm() (bsc#1043935).\n- cifs: Timeout on SMBNegotiate request (bsc#1044913).\n- clocksource: Remove \u0027weak\u0027 from clocksource_default_clock() declaration (bnc#1013018).\n- cputime: Avoid multiplication overflow on utime scaling (bnc#938352).\n- crypto: nx - off by one bug in nx_of_update_msc() (fate#314588,bnc#792863).\n- decompress_bunzip2: off by one in get_next_block() (git-fixes).\n- devres: fix a for loop bounds check (git-fixes).\n- dlm: backport \u0027fix lvb invalidation conditions\u0027 (bsc#1005651).\n- dm: fix ioctl retry termination with signal (bsc#1050154).\n- drm/mgag200: Add support for G200eH3 (bnc#1044216, fate#323551)\n- drm/mgag200: Add support for G200e rev 4 (bnc#995542, comment #81)\n- edac, amd64_edac: Shift wrapping issue in f1x_get_norm_dct_addr() (fate#313937).\n- enic: set skb-\u003ehash type properly (bsc#911105 FATE#317501).\n- ext2: Don\u0027t clear SGID when inheriting ACLs (bsc#1030552).\n- ext3: Don\u0027t clear SGID when inheriting ACLs (bsc#1030552).\n- ext4: Don\u0027t clear SGID when inheriting ACLs (bsc#1030552).\n- ext4: fix fdatasync(2) after extent manipulation operations (bsc#1013018).\n- ext4: fix mballoc breakage with 64k block size (bsc#1013018).\n- ext4: fix stack memory corruption with 64k block size (bsc#1013018).\n- ext4: keep existing extra fields when inode expands (bsc#1013018).\n- ext4: reject inodes with negative size (bsc#1013018).\n- fbdev/efifb: Fix 16 color palette entry calculation (bsc#1041762).\n- firmware: fix directory creation rule matching with make 3.80 (bsc#1012422).\n- firmware: fix directory creation rule matching with make 3.82 (bsc#1012422).\n- fixed invalid assignment of 64bit mask to host dma_boundary for scatter gather segment boundary limit (bsc#1042045).\n- Fix soft lockup in svc_rdma_send (bsc#1044854).\n- fnic: Return \u0027DID_IMM_RETRY\u0027 if rport is not ready (bsc#1035920).\n- fnic: Using rport-\u003edd_data to check rport online instead of rport_lookup (bsc#1035920).\n- fs/block_dev: always invalidate cleancache in invalidate_bdev() (git-fixes).\n- fs: fix data invalidation in the cleancache during direct IO (git-fixes).\n- fs/xattr.c: zero out memory copied to userspace in getxattr (bsc#1013018).\n- fuse: add missing FR_FORCE (bsc#1013018).\n- fuse: initialize fc-\u003erelease before calling it (bsc#1013018).\n- genirq: Prevent proc race against freeing of irq descriptors (bnc#1044230).\n- hrtimer: Allow concurrent hrtimer_start() for self restarting timers (bnc#1013018).\n- i40e: avoid null pointer dereference (bsc#909486 FATE#317393).\n- i40e: Fix TSO with more than 8 frags per segment issue (bsc#985561).\n- i40e/i40evf: Break up xmit_descriptor_count from maybe_stop_tx (bsc#985561).\n- i40e/i40evf: Fix mixed size frags and linearization (bsc#985561).\n- i40e/i40evf: Limit TSO to 7 descriptors for payload instead of 8 per packet (bsc#985561).\n- i40e/i40evf: Rewrite logic for 8 descriptor per packet check (bsc#985561).\n- i40e: Impose a lower limit on gso size (bsc#985561).\n- i40e: Limit TX descriptor count in cases where frag size is greater than 16K (bsc#985561).\n- ib/mlx4: Demote mcg message from warning to debug (bsc#919382).\n- ib/mlx4: Fix ib device initialization error flow (bsc#919382).\n- ib/mlx4: Fix port query for 56Gb Ethernet links (bsc#919382).\n- ib/mlx4: Handle well-known-gid in mad_demux processing (bsc#919382).\n- ib/mlx4: Reduce SRIOV multicast cleanup warning message to debug level (bsc#919382).\n- ib/mlx4: Set traffic class in AH (bsc#919382).\n- Implement an ioctl to support the USMTMC-USB488 READ_STATUS_BYTE operation (bsc#1036288).\n- initial cr0 bits (bnc#1036056, LTC#153612).\n- input: cm109 - validate number of endpoints before using them (bsc#1037193).\n- input: hanwang - validate number of endpoints before using them (bsc#1037232).\n- input: yealink - validate number of endpoints before using them (bsc#1037227).\n- ipmr, ip6mr: fix scheduling while atomic and a deadlock with ipmr_get_route (git-fixes).\n- irq: Fix race condition (bsc#1042615).\n- isdn/gigaset: fix NULL-deref at probe (bsc#1037356).\n- isofs: Do not return EACCES for unknown filesystems (bsc#1013018).\n- jbd: do not wait (forever) for stale tid caused by wraparound (bsc#1020229).\n- jbd: Fix oops in journal_remove_journal_head() (bsc#1017143).\n- jsm: add support for additional Neo cards (bsc#1045615).\n- kabi fix (bsc#1008893).\n- kABI: mask struct xfs_icdinode change (bsc#1024788).\n- kabi: Protect xfs_mount and xfs_buftarg (bsc#1024508).\n- kabi:severeties: Add splice_write_to_file PASS This function is part of an xfs-specific fix which never went upstream and is not expected to have 3rdparty users other than xfs itself.\n- kernel-binary.spec: Propagate MAKE_ARGS to %build (bsc#1012422)\n- keys: Disallow keyrings beginning with \u0027.\u0027 to be joined as session keyrings (bnc#1035576).\n- kvm: kvm_io_bus_unregister_dev() should never fail.\n- libata: fix sff host state machine locking while polling (bsc#1045525).\n- libceph: NULL deref on crush_decode() error path (bsc#1044015).\n- libceph: potential NULL dereference in ceph_msg_data_create() (bsc#1051515).\n- libfc: fixup locking in fc_disc_stop() (bsc#1029140).\n- libfc: move \u0027pending\u0027 and \u0027requested\u0027 setting (bsc#1029140).\n- libfc: only restart discovery after timeout if not already running (bsc#1029140).\n- lockd: use init_utsname for id encoding (bsc#1033804).\n- lockd: use rpc client\u0027s cl_nodename for id encoding (bsc#1033804).\n- locking/rtmutex: Prevent dequeue vs. unlock race (bnc#1013018).\n- math64: New div64_u64_rem helper (bnc#938352).\n- md: ensure md devices are freed before module is unloaded (git-fixes).\n- md: fix a null dereference (bsc#1040351).\n- md: flush -\u003eevent_work before stopping array (git-fixes).\n- md linear: fix a race between linear_add() and linear_congested() (bsc#1018446).\n- md/linear: shutup lockdep warnning (bsc#1018446).\n- md: make sure GET_ARRAY_INFO ioctl reports correct \u0027clean\u0027 status (git-fixes).\n- md/raid0: apply base queue limits *before* disk_stack_limits (git-fixes).\n- md/raid1: extend spinlock to protect raid1_end_read_request against inconsistencies (git-fixes).\n- md/raid1: fix test for \u0027was read error from last working device\u0027 (git-fixes).\n- md/raid5: do not record new size if resize_stripes fails (git-fixes).\n- md/raid5: Fix CPU hotplug callback registration (git-fixes).\n- md: use separate bio_pool for metadata writes (bsc#1040351).\n- megaraid_sas: add missing curly braces in ioctl handler (bsc#1050154).\n- mlx4: reduce OOM risk on arches with large pages (bsc#919382).\n- mmc: core: add missing pm event in mmc_pm_notify to fix hib restore (bsc#1045547).\n- mmc: ushc: fix NULL-deref at probe (bsc#1037191).\n- mm: do not collapse stack gap into THP (bnc#1039348)\n- mm: enlarge stack guard gap (bnc#1039348).\n- mm/huge_memory: replace VM_NO_THP VM_BUG_ON with actual VMA check (VM Functionality, bsc#1042832).\n- mm: hugetlb: call huge_pte_alloc() only if ptep is null (VM Functionality, bsc#1042832).\n- mm/memory-failure.c: use compound_head() flags for huge pages (bnc#971975 VM -- git fixes).\n- mm/mempolicy.c: do not put mempolicy before using its nodemask (References: VM Performance, bnc#931620).\n- mm, mmap: do not blow on PROT_NONE MAP_FIXED holes in the stack (bnc#1039348, bnc#1045340, bnc#1045406).\n- module: fix memory leak on early load_module() failures (bsc#1043014).\n- Move nr_cpus_allowed into a hole in struct_sched_entity instead of the one below task_struct.policy. RT fills the hole 29baa7478ba4 used, which will screw up kABI for RT instead of curing the space needed problem in sched_rt_entity caused by adding ff77e4685359. This leaves nr_cpus_alowed in an odd spot, but safely allows the RT entity specific data added by ff77e4685359 to reside where it belongs.. nr_cpus_allowed just moves from one odd spot to another.\n- mwifiex: printk() overflow with 32-byte SSIDs (bsc#1048185).\n- net: avoid reference counter overflows on fib_rules in multicast forwarding (git-fixes).\n- net: ip6mr: fix static mfc/dev leaks on table destruction (git-fixes).\n- net: ipmr: fix static mfc/dev leaks on table destruction (git-fixes).\n- net/mlx4_core: Eliminate warning messages for SRQ_LIMIT under SRIOV (bsc#919382).\n- net/mlx4_core: Enhance the MAD_IFC wrapper to convert VF port to physical (bsc#919382).\n- net/mlx4_core: Fix VF overwrite of module param which disables DMFS on new probed PFs (bsc#919382).\n- net/mlx4_core: Fix when to save some qp context flags for dynamic VST to VGT transitions (bsc#919382).\n- net/mlx4_core: Get num_tc using netdev_get_num_tc (bsc#919382).\n- net/mlx4_core: Prevent VF from changing port configuration (bsc#919382).\n- net/mlx4_core: Use-after-free causes a resource leak in flow-steering detach (bsc#919382).\n- net/mlx4_core: Use cq quota in SRIOV when creating completion EQs (bsc#919382).\n- net/mlx4_en: Avoid adding steering rules with invalid ring (bsc#919382).\n- net/mlx4_en: Change the error print to debug print (bsc#919382).\n- net/mlx4_en: fix overflow in mlx4_en_init_timestamp() (bsc#919382).\n- net/mlx4_en: Fix type mismatch for 32-bit systems (bsc#919382).\n- net/mlx4_en: Resolve dividing by zero in 32-bit system (bsc#919382).\n- net/mlx4_en: Wake TX queues only when there\u0027s enough room (bsc#1039258).\n- net/mlx4: Fix the check in attaching steering rules (bsc#919382).\n- net/mlx4: Fix uninitialized fields in rule when adding promiscuous mode to device managed flow steering (bsc#919382).\n- net: wimax/i2400m: fix NULL-deref at probe (bsc#1037358).\n- netxen_nic: set rcode to the return status from the call to netxen_issue_cmd (bnc#784815 FATE#313898).\n- nfs: Avoid getting confused by confused server (bsc#1045416).\n- nfsd4: minor NFSv2/v3 write decoding cleanup (bsc#1034670).\n- nfsd: check for oversized NFSv2/v3 arguments (bsc#1034670).\n- nfsd: do not risk using duplicate owner/file/delegation ids (bsc#1029212).\n- nfsd: Don\u0027t use state id of 0 - it is reserved (bsc#1049688 bsc#1051770).\n- nfsd: stricter decoding of write-like NFSv2/v3 ops (bsc#1034670).\n- nfs: Fix another OPEN_DOWNGRADE bug (git-next).\n- nfs: fix nfs_size_to_loff_t (git-fixes).\n- nfs: Fix size of NFSACL SETACL operations (git-fixes).\n- nfs: Make nfs_readdir revalidate less often (bsc#1048232).\n- nfs: tidy up nfs_show_mountd_netid (git-fixes).\n- nfsv4: Do not call put_rpccred() under the rcu_read_lock() (git-fixes).\n- nfsv4: Fix another bug in the close/open_downgrade code (git-fixes).\n- nfsv4: fix getacl head length estimation (git-fixes).\n- nfsv4: Fix problems with close in the presence of a delegation (git-fixes).\n- nfsv4: Fix the underestimation of delegation XDR space reservation (git-fixes).\n- ocfs2: do not write error flag to user structure we cannot copy from/to (bsc#1013018).\n- ocfs2: Don\u0027t clear SGID when inheriting ACLs (bsc#1030552).\n- ocfs2: fix crash caused by stale lvb with fsdlm plugin (bsc#1013800).\n- ocfs2: fix error return code in ocfs2_info_handle_freefrag() (bsc#1013018).\n- ocfs2: NFS hangs in __ocfs2_cluster_lock due to race with ocfs2_unblock_lock (bsc#962257).\n- ocfs2: null deref on allocation error (bsc#1013018).\n- pci: Allow access to VPD attributes with size 0 (bsc#1018074).\n- pciback: only check PF if actually dealing with a VF (bsc#999245).\n- pciback: use pci_physfn() (bsc#999245).\n- pci: Fix devfn for VPD access through function 0 (bnc#943786 git-fixes).\n- perf/core: Correct event creation with PERF_FORMAT_GROUP (bnc#1013018).\n- perf/core: Fix event inheritance on fork() (bnc#1013018).\n- posix-timers: Fix stack info leak in timer_create() (bnc#1013018).\n- powerpc,cpuidle: Dont toggle CPUIDLE_FLAG_IGNORE while setting smt_snooze_delay (bsc#1023163).\n- powerpc: Drop support for pre-POWER4 cpus (fate#322495, bsc#1032471).\n- powerpc/fadump: Fix the race in crash_fadump() (bsc#1022971).\n- powerpc/fadump: Reserve memory at an offset closer to bottom of RAM (bsc#1032141).\n- powerpc/fadump: Update fadump documentation (bsc#1032141).\n- powerpc/mm: Do not alias user region to other regions below PAGE_OFFSET (bsc#928138,fate#319026).\n- powerpc/mm/hash: Check for non-kernel address in get_kernel_vsid() (fate#322495, bsc#1032471).\n- powerpc/mm/hash: Convert mask to unsigned long (fate#322495, bsc#1032471).\n- powerpc/mm/hash: Increase VA range to 128TB (fate#322495, bsc#1032471).\n- powerpc/mm/hash: Properly mask the ESID bits when building proto VSID (fate#322495, bsc#1032471).\n- powerpc/mm/hash: Support 68 bit VA (fate#322495, bsc#1032471).\n- powerpc/mm/hash: Use context ids 1-4 for the kernel (fate#322495, bsc#1032471).\n- powerpc/mm: Remove checks that TASK_SIZE_USER64 is too small (fate#322495, bsc#1032471).\n- powerpc/mm/slice: Convert slice_mask high slice to a bitmap (fate#322495, bsc#1032471).\n- powerpc/mm/slice: Fix off-by-1 error when computing slice mask (fate#322495, bsc#1032471).\n- powerpc/mm/slice: Move slice_mask struct definition to slice.c (fate#322495, bsc#1032471).\n- powerpc/mm/slice: Update slice mask printing to use bitmap printing (fate#322495, bsc#1032471).\n- powerpc/mm/slice: Update the function prototype (fate#322495, bsc#1032471).\n- powerpc/mm: use macro PGTABLE_EADDR_SIZE instead of digital (fate#322495, bsc#1032471).\n- powerpc/nvram: Fix an incorrect partition merge (bsc#1016489).\n- powerpc/pseries: Release DRC when configure_connector fails (bsc#1035777, Pending Base Kernel Fixes).\n- powerpc: Remove STAB code (fate#322495, bsc#1032471).\n- powerpc/vdso64: Use double word compare on pointers (bsc#1016489).\n- raid1: avoid unnecessary spin locks in I/O barrier code (bsc#982783,bsc#1026260).\n- random32: fix off-by-one in seeding requirement (git-fixes).\n- rcu: Call out dangers of expedited RCU primitives (bsc#1008893).\n- rcu: Direct algorithmic SRCU implementation (bsc#1008893).\n- rcu: Flip -\u003ecompleted only once per SRCU grace period (bsc#1008893).\n- rcu: Implement a variant of Peter\u0027s SRCU algorithm (bsc#1008893).\n- rcu: Increment upper bit only for srcu_read_lock() (bsc#1008893).\n- rcu: Remove fast check path from __synchronize_srcu() (bsc#1008893).\n- reiserfs: Don\u0027t clear SGID when inheriting ACLs (bsc#1030552).\n- reiserfs: don\u0027t preallocate blocks for extended attributes (bsc#990682).\n- Remove patches causing regression (bsc#1043234)\n- Remove superfluous make flags (bsc#1012422)\n- Return short read or 0 at end of a raw device, not EIO (bsc#1039594).\n- Revert \u0027kabi:severeties: Add splice_write_to_file PASS\u0027 This reverts commit 05ecf7ab16b2ea555fadd1ce17d8177394de88f2.\n- Revert \u0027math64: New div64_u64_rem helper\u0027 (bnc#938352).\n- Revert \u0027xfs: fix up xfs_swap_extent_forks inline extent handling (bsc#1023888).\u0027 I was baing my assumption of SLE11-SP4 needing this patch on an old kernel build (3.0.101-63). Re-testing with the latest one 3.0.101-94 shows that the issue is not present. Furthermore this one was causing some crashes. This reverts commit 16ceeac70f7286b6232861c3170ed32e39dcc68c.\n- rfkill: fix rfkill_fop_read wait_event usage (bsc#1046192).\n- s390/kmsg: add missing kmsg descriptions (bnc#1025702, LTC#151573).\n- s390/qdio: clear DSCI prior to scanning multiple input queues (bnc#1046715, LTC#156234).\n- s390/qeth: no ETH header for outbound AF_IUCV (bnc#1046715, LTC#156276).\n- s390/qeth: size calculation outbound buffers (bnc#1046715, LTC#156276).\n- s390/vmlogrdr: fix IUCV buffer allocation (bnc#1025702, LTC#152144).\n- s390/zcrypt: Introduce CEX6 toleration (FATE#321782, LTC#147505).\n- sched: Always initialize cpu-power (bnc#1013018).\n- sched: Avoid cputime scaling overflow (bnc#938352).\n- sched: Avoid prev-\u003estime underflow (bnc#938352).\n- sched/core: Fix TASK_DEAD race in finish_task_switch() (bnc#1013018).\n- sched/core: Remove false-positive warning from wake_up_process() (bnc#1044882).\n- sched/cputime: Do not scale when utime == 0 (bnc#938352).\n- sched/debug: Print the scheduler topology group mask (bnc#1013018).\n- sched: Do not account bogus utime (bnc#938352).\n- sched/fair, cpumask: Export for_each_cpu_wrap() (bnc#1013018).\n- sched/fair: Fix min_vruntime tracking (bnc#1013018).\n- sched: Fix domain iteration (bnc#1013018).\n- sched: Fix SD_OVERLAP (bnc#1013018).\n- sched/loadavg: Fix loadavg artifacts on fully idle and on fully loaded systems (bnc#1013018).\n- sched: Lower chances of cputime scaling overflow (bnc#938352).\n- sched: Move nr_cpus_allowed out of \u0027struct sched_rt_entity\u0027 (bnc#1013018). Prep for b60205c7c558 sched/fair: Fix min_vruntime tracking\n- sched: Rename a misleading variable in build_overlap_sched_groups() (bnc#1013018).\n- sched/rt: Fix PI handling vs. sched_setscheduler() (bnc#1013018). Prep for b60205c7c558 sched/fair: Fix min_vruntime tracking\n- sched/topology: Fix building of overlapping sched-groups (bnc#1013018).\n- sched/topology: Fix overlapping sched_group_capacity (bnc#1013018).\n- sched/topology: Fix overlapping sched_group_mask (bnc#1013018).\n- sched/topology: Move comment about asymmetric node setups (bnc#1013018).\n- sched/topology: Optimize build_group_mask() (bnc#1013018).\n- sched/topology: Refactor function build_overlap_sched_groups() (bnc#1013018).\n- sched/topology: Remove FORCE_SD_OVERLAP (bnc#1013018).\n- sched/topology: Simplify build_overlap_sched_groups() (bnc#1013018).\n- sched/topology: Verify the first group matches the child domain (bnc#1013018).\n- sched: Use swap() macro in scale_stime() (bnc#938352).\n- scsi: bnx2i: missing error code in bnx2i_ep_connect() (bsc#1048221).\n- scsi: fix race between simultaneous decrements of -\u003ehost_failed (bsc#1050154).\n- scsi: fnic: Correcting rport check location in fnic_queuecommand_lck (bsc#1035920).\n- scsi: mvsas: fix command_active typo (bsc#1050154).\n- scsi: qla2xxx: Fix scsi scan hang triggered if adapter fails during init (bsc#1050154).\n- scsi: virtio_scsi: fix memory leak on full queue condition (bsc#1028880).\n- scsi: zfcp: do not trace pure benign residual HBA responses at default level (bnc#1025702, LTC#151317).\n- scsi: zfcp: fix rport unblock race with LUN recovery (bnc#1025702, LTC#151319).\n- scsi: zfcp: fix use-after-free by not tracing WKA port open/close on failed send (bnc#1025702, LTC#151365).\n- scsi: zfcp: fix use-after-\u0027free\u0027 in FC ingress path after TMF (bnc#1025702, LTC#151312).\n- sfc: do not device_attach if a reset is pending (bsc#909618 FATE#317521).\n- sfc: reduce severity of PIO buffer alloc failures (bsc#1019168).\n- smsc75xx: use skb_cow_head() to deal with cloned skbs (bsc#1045154).\n- splice: Stub splice_write_to_file (bsc#1043234).\n- sunrpc: Clean up the slot table allocation (bsc#1013862).\n- sunrpc: Fix a memory leak in the backchannel code (git-fixes).\n- sunrpc: Initalise the struct xprt upon allocation (bsc#1013862).\n- svcrdma: Fix send_reply() scatter/gather set-up (git-fixes).\n- target/iscsi: Fix double free in lio_target_tiqn_addtpg() (bsc#1050154).\n- tcp: abort orphan sockets stalling on zero window probes (bsc#1021913).\n- tracing: Fix syscall_*regfunc() vs copy_process() race (bnc#1042687).\n- tracing/kprobes: Enforce kprobes teardown after testing (bnc#1013018).\n- udf: Fix deadlock between writeback and udf_setsize() (bsc#1013018).\n- udf: Fix races with i_size changes during readpage (bsc#1013018).\n- Update metadata for serial fixes (bsc#1013070)\n- Update patches.fixes/nfs-svc-rdma.fix (bsc#1044854).\n- usb: cdc-acm: fix broken runtime suspend (bsc#1033771).\n- usb: cdc-acm: fix open and suspend race (bsc#1033771).\n- usb: cdc-acm: fix potential urb leak and PM imbalance in write (bsc#1033771).\n- usb: cdc-acm: fix runtime PM for control messages (bsc#1033771).\n- usb: cdc-acm: fix runtime PM imbalance at shutdown (bsc#1033771).\n- usb: cdc-acm: fix shutdown and suspend race (bsc#1033771).\n- usb: cdc-acm: fix write and resume race (bsc#1033771).\n- usb: cdc-acm: fix write and suspend race (bsc#1033771).\n- usb: class: usbtmc.c: Cleaning up uninitialized variables (bsc#1036288).\n- usb: class: usbtmc: do not print error when allocating urb fails (bsc#1036288).\n- usb: class: usbtmc: do not print on ENOMEM (bsc#1036288).\n- usb: hub: Fix crash after failure to read BOS descriptor (FATE#317453).\n- usb: iowarrior: fix info ioctl on big-endian hosts (bsc#1037441).\n- usb: iowarrior: fix NULL-deref in write (bsc#1037359).\n- usb: r8a66597-hcd: select a different endpoint on timeout (bsc#1047053).\n- usb: serial: ark3116: fix register-accessor error handling (git-fixes).\n- usb: serial: ch341: fix open error handling (bsc#1037441).\n- usb: serial: cp210x: fix tiocmget error handling (bsc#1037441).\n- usb: serial: ftdi_sio: fix line-status over-reporting (bsc#1037441).\n- usb: serial: io_edgeport: fix epic-descriptor handling (bsc#1037441).\n- usb: serial: io_ti: fix information leak in completion handler (git-fixes).\n- usb: serial: iuu_phoenix: fix NULL-deref at open (bsc#1033794).\n- usb: serial: kl5kusb105: fix line-state error handling (bsc#1021256).\n- usb: serial: mos7720: fix NULL-deref at open (bsc#1033816).\n- usb: serial: mos7720: fix parallel probe (bsc#1033816).\n- usb: serial: mos7720: fix parport use-after-free on probe errors (bsc#1033816).\n- usb: serial: mos7720: fix use-after-free on probe errors (bsc#1033816).\n- usb: serial: mos7840: fix another NULL-deref at open (bsc#1034026).\n- usb: serial: mos7840: fix NULL-deref at open (bsc#1034026).\n- usb: serial: oti6858: fix NULL-deref at open (bsc#1037441).\n- usb: serial: sierra: fix bogus alternate-setting assumption (bsc#1037441).\n- usb: serial: spcp8x5: fix NULL-deref at open (bsc#1037441).\n- usbtmc: remove redundant braces (bsc#1036288).\n- usbtmc: remove trailing spaces (bsc#1036288).\n- usb: usbip: fix nonconforming hub descriptor (bsc#1047487).\n- usb: usbtmc: add device quirk for Rigol DS6104 (bsc#1036288).\n- usb: usbtmc: Add flag rigol_quirk to usbtmc_device_data (bsc#1036288).\n- usb: usbtmc: add missing endpoint sanity check (bsc#1036288).\n- usb: usbtmc: Change magic number to constant (bsc#1036288).\n- usb: usbtmc: fix big-endian probe of Rigol devices (bsc#1036288).\n- usb: usbtmc: fix DMA on stack (bsc#1036288).\n- usb: usbtmc: fix probe error path (bsc#1036288).\n- usb: usbtmc: Set rigol_quirk if device is listed (bsc#1036288).\n- usb: usbtmc: TMC request code segregated from usbtmc_read (bsc#1036288).\n- usb: usbtmc: usbtmc_read sends multiple TMC header based on rigol_quirk (bsc#1036288).\n- usbvision: fix NULL-deref at probe (bsc#1050431).\n- usb: xhci-mem: use passed in GFP flags instead of GFP_KERNEL (bsc#1023014).\n- Use make --output-sync feature when available (bsc#1012422). The mesages in make output can interleave making it impossible to extract warnings reliably. Since version 4 GNU Make supports --output-sync flag that prints output of each sub-command atomically preventing this issue. Detect the flag and use it if available. SLE11 has make 3.81 so it is required to include make 4 in the kernel OBS projects to take advantege of this.\n- Use PF_LESS_THROTTLE in loop device thread (bsc#1027101).\n- uwb: hwa-rc: fix NULL-deref at probe (bsc#1037233).\n- uwb: i1480-dfu: fix NULL-deref at probe (bsc#1036629).\n- vb2: Fix an off by one error in \u0027vb2_plane_vaddr\u0027 (bsc#1050431).\n- vfs: split generic splice code from i_mutex locking (bsc#1024788).\n- vmxnet3: avoid calling pskb_may_pull with interrupts disabled (bsc#1045356).\n- vmxnet3: fix checks for dma mapping errors (bsc#1045356).\n- vmxnet3: fix lock imbalance in vmxnet3_tq_xmit() (bsc#1045356).\n- vmxnet3: segCnt can be 1 for LRO packets (bsc#988065, bsc#1029770).\n- x86, mm, paravirt: Fix vmalloc_fault oops during lazy MMU updates (bsc#948562).\n- x86/pci-calgary: Fix iommu_free() comparison of unsigned expression \u003e= 0 (bsc#1051478).\n- xen: avoid deadlock in xenbus (bnc#1047523).\n- xen-blkfront: correct maximum segment accounting (bsc#1018263).\n- xen-blkfront: do not call talk_to_blkback when already connected to blkback.\n- xen-blkfront: free resources if xlvbd_alloc_gendisk fails.\n- xen/PCI-MSI: fix sysfs teardown in DomU (bsc#986924).\n- xfrm: dst_entries_init() per-net dst_ops (bsc#1030814).\n- xfrm: NULL dereference on allocation failure (bsc#1047343).\n- xfrm: Oops on error in pfkey_msg2xfrm_state() (bsc#1047653).\n- xfs_dmapi: fix the debug compilation of xfs_dmapi (bsc#989056).\n- xfs: do not assert fail on non-async buffers on ioacct decrement (bsc#1024508).\n- xfs: exclude never-released buffers from buftarg I/O accounting (bsc#1024508).\n- xfs: fix buffer overflow dm_get_dirattrs/dm_get_dirattrs2 (bsc#989056).\n- xfs: Fix lock ordering in splice write (bsc#1024788).\n- xfs: fix up xfs_swap_extent_forks inline extent handling (bsc#1023888).\n- xfs: kill xfs_itruncate_start (bsc#1024788).\n- xfs: Make xfs_icdinode-\u003edi_dmstate atomic_t (bsc#1024788).\n- xfs: remove the i_new_size field in struct xfs_inode (bsc#1024788).\n- xfs: remove the i_size field in struct xfs_inode (bsc#1024788).\n- xfs: remove xfs_itruncate_data (bsc#1024788).\n- xfs: replace global xfslogd wq with per-mount wq (bsc#1024508).\n- xfs: split xfs_itruncate_finish (bsc#1024788).\n- xfs: split xfs_setattr (bsc#1024788).\n- xfs: Synchronize xfs_buf disposal routines (bsc#1041160).\n- xfs: track and serialize in-flight async buffers against unmount (bsc#1024508).\n- xfs: use -\u003eb_state to fix buffer I/O accounting release race (bsc#1041160).\n- xprtrdma: Free the pd if ib_query_qp() fails (git-fixes).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "slertesp4-kernel-rt-13262",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2342-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2017:2342-1",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172342-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2017:2342-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2017-September/003182.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1003077",
        "url": "https://bugzilla.suse.com/1003077"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1005651",
        "url": "https://bugzilla.suse.com/1005651"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1008374",
        "url": "https://bugzilla.suse.com/1008374"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1008850",
        "url": "https://bugzilla.suse.com/1008850"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1008893",
        "url": "https://bugzilla.suse.com/1008893"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1012422",
        "url": "https://bugzilla.suse.com/1012422"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1013018",
        "url": "https://bugzilla.suse.com/1013018"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1013070",
        "url": "https://bugzilla.suse.com/1013070"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1013800",
        "url": "https://bugzilla.suse.com/1013800"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1013862",
        "url": "https://bugzilla.suse.com/1013862"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1016489",
        "url": "https://bugzilla.suse.com/1016489"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1017143",
        "url": "https://bugzilla.suse.com/1017143"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1018074",
        "url": "https://bugzilla.suse.com/1018074"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1018263",
        "url": "https://bugzilla.suse.com/1018263"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1018446",
        "url": "https://bugzilla.suse.com/1018446"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1019168",
        "url": "https://bugzilla.suse.com/1019168"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1020229",
        "url": "https://bugzilla.suse.com/1020229"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1021256",
        "url": "https://bugzilla.suse.com/1021256"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1021913",
        "url": "https://bugzilla.suse.com/1021913"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1022971",
        "url": "https://bugzilla.suse.com/1022971"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1023014",
        "url": "https://bugzilla.suse.com/1023014"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1023051",
        "url": "https://bugzilla.suse.com/1023051"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1023163",
        "url": "https://bugzilla.suse.com/1023163"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1023888",
        "url": "https://bugzilla.suse.com/1023888"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1024508",
        "url": "https://bugzilla.suse.com/1024508"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1024788",
        "url": "https://bugzilla.suse.com/1024788"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1024938",
        "url": "https://bugzilla.suse.com/1024938"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1025235",
        "url": "https://bugzilla.suse.com/1025235"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1025702",
        "url": "https://bugzilla.suse.com/1025702"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1026024",
        "url": "https://bugzilla.suse.com/1026024"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1026260",
        "url": "https://bugzilla.suse.com/1026260"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1026722",
        "url": "https://bugzilla.suse.com/1026722"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1026914",
        "url": "https://bugzilla.suse.com/1026914"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1027066",
        "url": "https://bugzilla.suse.com/1027066"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1027101",
        "url": "https://bugzilla.suse.com/1027101"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1027178",
        "url": "https://bugzilla.suse.com/1027178"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1027565",
        "url": "https://bugzilla.suse.com/1027565"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1028372",
        "url": "https://bugzilla.suse.com/1028372"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1028415",
        "url": "https://bugzilla.suse.com/1028415"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1028880",
        "url": "https://bugzilla.suse.com/1028880"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1029140",
        "url": "https://bugzilla.suse.com/1029140"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1029212",
        "url": "https://bugzilla.suse.com/1029212"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1029770",
        "url": "https://bugzilla.suse.com/1029770"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1029850",
        "url": "https://bugzilla.suse.com/1029850"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1030213",
        "url": "https://bugzilla.suse.com/1030213"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1030552",
        "url": "https://bugzilla.suse.com/1030552"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1030573",
        "url": "https://bugzilla.suse.com/1030573"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1030593",
        "url": "https://bugzilla.suse.com/1030593"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1030814",
        "url": "https://bugzilla.suse.com/1030814"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1031003",
        "url": "https://bugzilla.suse.com/1031003"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1031052",
        "url": "https://bugzilla.suse.com/1031052"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1031440",
        "url": "https://bugzilla.suse.com/1031440"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1031579",
        "url": "https://bugzilla.suse.com/1031579"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1032141",
        "url": "https://bugzilla.suse.com/1032141"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1032340",
        "url": "https://bugzilla.suse.com/1032340"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1032471",
        "url": "https://bugzilla.suse.com/1032471"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1033287",
        "url": "https://bugzilla.suse.com/1033287"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1033336",
        "url": "https://bugzilla.suse.com/1033336"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1033771",
        "url": "https://bugzilla.suse.com/1033771"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1033794",
        "url": "https://bugzilla.suse.com/1033794"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1033804",
        "url": "https://bugzilla.suse.com/1033804"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1033816",
        "url": "https://bugzilla.suse.com/1033816"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1034026",
        "url": "https://bugzilla.suse.com/1034026"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1034670",
        "url": "https://bugzilla.suse.com/1034670"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1035576",
        "url": "https://bugzilla.suse.com/1035576"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1035777",
        "url": "https://bugzilla.suse.com/1035777"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1035920",
        "url": "https://bugzilla.suse.com/1035920"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1036056",
        "url": "https://bugzilla.suse.com/1036056"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1036288",
        "url": "https://bugzilla.suse.com/1036288"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1036629",
        "url": "https://bugzilla.suse.com/1036629"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1037182",
        "url": "https://bugzilla.suse.com/1037182"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1037183",
        "url": "https://bugzilla.suse.com/1037183"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1037191",
        "url": "https://bugzilla.suse.com/1037191"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1037193",
        "url": "https://bugzilla.suse.com/1037193"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1037227",
        "url": "https://bugzilla.suse.com/1037227"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1037232",
        "url": "https://bugzilla.suse.com/1037232"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1037233",
        "url": "https://bugzilla.suse.com/1037233"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1037356",
        "url": "https://bugzilla.suse.com/1037356"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1037358",
        "url": "https://bugzilla.suse.com/1037358"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1037359",
        "url": "https://bugzilla.suse.com/1037359"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1037441",
        "url": "https://bugzilla.suse.com/1037441"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1038544",
        "url": "https://bugzilla.suse.com/1038544"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1038879",
        "url": "https://bugzilla.suse.com/1038879"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1038981",
        "url": "https://bugzilla.suse.com/1038981"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1038982",
        "url": "https://bugzilla.suse.com/1038982"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1039258",
        "url": "https://bugzilla.suse.com/1039258"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1039348",
        "url": "https://bugzilla.suse.com/1039348"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1039354",
        "url": "https://bugzilla.suse.com/1039354"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1039456",
        "url": "https://bugzilla.suse.com/1039456"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1039594",
        "url": "https://bugzilla.suse.com/1039594"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1039882",
        "url": "https://bugzilla.suse.com/1039882"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1039883",
        "url": "https://bugzilla.suse.com/1039883"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1039885",
        "url": "https://bugzilla.suse.com/1039885"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1040069",
        "url": "https://bugzilla.suse.com/1040069"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1040351",
        "url": "https://bugzilla.suse.com/1040351"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1041160",
        "url": "https://bugzilla.suse.com/1041160"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1041431",
        "url": "https://bugzilla.suse.com/1041431"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1041762",
        "url": "https://bugzilla.suse.com/1041762"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1041975",
        "url": "https://bugzilla.suse.com/1041975"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1042045",
        "url": "https://bugzilla.suse.com/1042045"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1042200",
        "url": "https://bugzilla.suse.com/1042200"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1042615",
        "url": "https://bugzilla.suse.com/1042615"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1042633",
        "url": "https://bugzilla.suse.com/1042633"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1042687",
        "url": "https://bugzilla.suse.com/1042687"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1042832",
        "url": "https://bugzilla.suse.com/1042832"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1043014",
        "url": "https://bugzilla.suse.com/1043014"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1043234",
        "url": "https://bugzilla.suse.com/1043234"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1043935",
        "url": "https://bugzilla.suse.com/1043935"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1044015",
        "url": "https://bugzilla.suse.com/1044015"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1044125",
        "url": "https://bugzilla.suse.com/1044125"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1044216",
        "url": "https://bugzilla.suse.com/1044216"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1044230",
        "url": "https://bugzilla.suse.com/1044230"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1044854",
        "url": "https://bugzilla.suse.com/1044854"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1044882",
        "url": "https://bugzilla.suse.com/1044882"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1044913",
        "url": "https://bugzilla.suse.com/1044913"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1044985",
        "url": "https://bugzilla.suse.com/1044985"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1045154",
        "url": "https://bugzilla.suse.com/1045154"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1045340",
        "url": "https://bugzilla.suse.com/1045340"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1045356",
        "url": "https://bugzilla.suse.com/1045356"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1045406",
        "url": "https://bugzilla.suse.com/1045406"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1045416",
        "url": "https://bugzilla.suse.com/1045416"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1045525",
        "url": "https://bugzilla.suse.com/1045525"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1045538",
        "url": "https://bugzilla.suse.com/1045538"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1045547",
        "url": "https://bugzilla.suse.com/1045547"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1045615",
        "url": "https://bugzilla.suse.com/1045615"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1046107",
        "url": "https://bugzilla.suse.com/1046107"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1046122",
        "url": "https://bugzilla.suse.com/1046122"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1046192",
        "url": "https://bugzilla.suse.com/1046192"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1046715",
        "url": "https://bugzilla.suse.com/1046715"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1047027",
        "url": "https://bugzilla.suse.com/1047027"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1047053",
        "url": "https://bugzilla.suse.com/1047053"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1047343",
        "url": "https://bugzilla.suse.com/1047343"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1047354",
        "url": "https://bugzilla.suse.com/1047354"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1047487",
        "url": "https://bugzilla.suse.com/1047487"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1047523",
        "url": "https://bugzilla.suse.com/1047523"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1047653",
        "url": "https://bugzilla.suse.com/1047653"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1048185",
        "url": "https://bugzilla.suse.com/1048185"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1048221",
        "url": "https://bugzilla.suse.com/1048221"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1048232",
        "url": "https://bugzilla.suse.com/1048232"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1048275",
        "url": "https://bugzilla.suse.com/1048275"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1049483",
        "url": "https://bugzilla.suse.com/1049483"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1049603",
        "url": "https://bugzilla.suse.com/1049603"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1049688",
        "url": "https://bugzilla.suse.com/1049688"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1049882",
        "url": "https://bugzilla.suse.com/1049882"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1050154",
        "url": "https://bugzilla.suse.com/1050154"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1050431",
        "url": "https://bugzilla.suse.com/1050431"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1051478",
        "url": "https://bugzilla.suse.com/1051478"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1051515",
        "url": "https://bugzilla.suse.com/1051515"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1051770",
        "url": "https://bugzilla.suse.com/1051770"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 784815",
        "url": "https://bugzilla.suse.com/784815"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 792863",
        "url": "https://bugzilla.suse.com/792863"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 799133",
        "url": "https://bugzilla.suse.com/799133"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 870618",
        "url": "https://bugzilla.suse.com/870618"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 909486",
        "url": "https://bugzilla.suse.com/909486"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 909618",
        "url": "https://bugzilla.suse.com/909618"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 911105",
        "url": "https://bugzilla.suse.com/911105"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 919382",
        "url": "https://bugzilla.suse.com/919382"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 928138",
        "url": "https://bugzilla.suse.com/928138"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 931620",
        "url": "https://bugzilla.suse.com/931620"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 938352",
        "url": "https://bugzilla.suse.com/938352"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 943786",
        "url": "https://bugzilla.suse.com/943786"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 948562",
        "url": "https://bugzilla.suse.com/948562"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 962257",
        "url": "https://bugzilla.suse.com/962257"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 970956",
        "url": "https://bugzilla.suse.com/970956"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 971975",
        "url": "https://bugzilla.suse.com/971975"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 972891",
        "url": "https://bugzilla.suse.com/972891"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 979021",
        "url": "https://bugzilla.suse.com/979021"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 982783",
        "url": "https://bugzilla.suse.com/982783"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 983212",
        "url": "https://bugzilla.suse.com/983212"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 985561",
        "url": "https://bugzilla.suse.com/985561"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 986362",
        "url": "https://bugzilla.suse.com/986362"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 986365",
        "url": "https://bugzilla.suse.com/986365"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 986924",
        "url": "https://bugzilla.suse.com/986924"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 988065",
        "url": "https://bugzilla.suse.com/988065"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 989056",
        "url": "https://bugzilla.suse.com/989056"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 990682",
        "url": "https://bugzilla.suse.com/990682"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 991651",
        "url": "https://bugzilla.suse.com/991651"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 995542",
        "url": "https://bugzilla.suse.com/995542"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 999245",
        "url": "https://bugzilla.suse.com/999245"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2014-9922 page",
        "url": "https://www.suse.com/security/cve/CVE-2014-9922/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-3288 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-3288/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-8970 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-8970/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-10200 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-10200/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-2188 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-2188/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-4997 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-4997/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-5243 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-5243/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-7117 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-7117/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-1000363 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-1000363/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-1000364 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-1000364/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-1000365 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-1000365/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-1000380 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-1000380/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-11176 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-11176/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-11473 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-11473/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-2636 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-2636/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-2647 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-2647/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-2671 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-2671/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5669 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5669/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5970 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5970/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-5986 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-5986/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-6074 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-6074/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-6214 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-6214/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-6348 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-6348/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-6353 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-6353/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-6951 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-6951/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7184 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7184/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7187 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7187/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7261 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7261/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7294 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7294/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7308 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7308/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7482 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7482/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7487 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7487/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7533 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7533/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7542 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7542/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7616 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7616/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-8890 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-8890/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-8924 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-8924/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-8925 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-8925/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-9074 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-9074/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-9075 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-9075/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-9076 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-9076/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-9077 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-9077/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-9242 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-9242/"
      }
    ],
    "title": "Security update for the Linux Kernel",
    "tracking": {
      "current_release_date": "2017-09-04T13:37:48Z",
      "generator": {
        "date": "2017-09-04T13:37:48Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2017:2342-1",
      "initial_release_date": "2017-09-04T13:37:48Z",
      "revision_history": [
        {
          "date": "2017-09-04T13:37:48Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                "product": {
                  "name": "kernel-rt-3.0.101.rt130-69.5.1.x86_64",
                  "product_id": "kernel-rt-3.0.101.rt130-69.5.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                "product": {
                  "name": "kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
                  "product_id": "kernel-rt-base-3.0.101.rt130-69.5.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                "product": {
                  "name": "kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
                  "product_id": "kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                "product": {
                  "name": "kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
                  "product_id": "kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                "product": {
                  "name": "kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
                  "product_id": "kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                "product": {
                  "name": "kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
                  "product_id": "kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                "product": {
                  "name": "kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
                  "product_id": "kernel-source-rt-3.0.101.rt130-69.5.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
                "product": {
                  "name": "kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
                  "product_id": "kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Real Time 11 SP4",
                "product": {
                  "name": "SUSE Linux Enterprise Real Time 11 SP4",
                  "product_id": "SUSE Linux Enterprise Real Time 11 SP4",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:suse:suse-linux-enterprise-rt:11:sp4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-3.0.101.rt130-69.5.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
          "product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64"
        },
        "product_reference": "kernel-rt-3.0.101.rt130-69.5.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-base-3.0.101.rt130-69.5.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
          "product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64"
        },
        "product_reference": "kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
          "product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64"
        },
        "product_reference": "kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
          "product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64"
        },
        "product_reference": "kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
          "product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64"
        },
        "product_reference": "kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
          "product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64"
        },
        "product_reference": "kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-rt-3.0.101.rt130-69.5.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
          "product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64"
        },
        "product_reference": "kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64 as component of SUSE Linux Enterprise Real Time 11 SP4",
          "product_id": "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        },
        "product_reference": "kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 11 SP4"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2014-9922",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2014-9922"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2014-9922",
          "url": "https://www.suse.com/security/cve/CVE-2014-9922"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1032340 for CVE-2014-9922",
          "url": "https://bugzilla.suse.com/1032340"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "important"
        }
      ],
      "title": "CVE-2014-9922"
    },
    {
      "cve": "CVE-2015-3288",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-3288"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages, which allows local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-3288",
          "url": "https://www.suse.com/security/cve/CVE-2015-3288"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2015-3288",
          "url": "https://bugzilla.suse.com/1115893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 979021 for CVE-2015-3288",
          "url": "https://bugzilla.suse.com/979021"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-3288"
    },
    {
      "cve": "CVE-2015-8970",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-8970"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "crypto/algif_skcipher.c in the Linux kernel before 4.4.2 does not verify that a setkey operation has been performed on an AF_ALG socket before an accept system call is processed, which allows local users to cause a denial of service (NULL pointer dereference and system crash) via a crafted application that does not supply a key, related to the lrw_crypt function in crypto/lrw.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-8970",
          "url": "https://www.suse.com/security/cve/CVE-2015-8970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1008374 for CVE-2015-8970",
          "url": "https://bugzilla.suse.com/1008374"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1008850 for CVE-2015-8970",
          "url": "https://bugzilla.suse.com/1008850"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-8970"
    },
    {
      "cve": "CVE-2016-10200",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-10200"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-10200",
          "url": "https://www.suse.com/security/cve/CVE-2016-10200"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1027179 for CVE-2016-10200",
          "url": "https://bugzilla.suse.com/1027179"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028415 for CVE-2016-10200",
          "url": "https://bugzilla.suse.com/1028415"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-10200"
    },
    {
      "cve": "CVE-2016-2188",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-2188"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-2188",
          "url": "https://www.suse.com/security/cve/CVE-2016-2188"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-2188",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1067912 for CVE-2016-2188",
          "url": "https://bugzilla.suse.com/1067912"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1132190 for CVE-2016-2188",
          "url": "https://bugzilla.suse.com/1132190"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 970956 for CVE-2016-2188",
          "url": "https://bugzilla.suse.com/970956"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-2188"
    },
    {
      "cve": "CVE-2016-4997",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-4997"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-4997",
          "url": "https://www.suse.com/security/cve/CVE-2016-4997"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1020452 for CVE-2016-4997",
          "url": "https://bugzilla.suse.com/1020452"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 986362 for CVE-2016-4997",
          "url": "https://bugzilla.suse.com/986362"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 986365 for CVE-2016-4997",
          "url": "https://bugzilla.suse.com/986365"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 986377 for CVE-2016-4997",
          "url": "https://bugzilla.suse.com/986377"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 991651 for CVE-2016-4997",
          "url": "https://bugzilla.suse.com/991651"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "important"
        }
      ],
      "title": "CVE-2016-4997"
    },
    {
      "cve": "CVE-2016-5243",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-5243"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-5243",
          "url": "https://www.suse.com/security/cve/CVE-2016-5243"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 983212 for CVE-2016-5243",
          "url": "https://bugzilla.suse.com/983212"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 986225 for CVE-2016-5243",
          "url": "https://bugzilla.suse.com/986225"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "low"
        }
      ],
      "title": "CVE-2016-5243"
    },
    {
      "cve": "CVE-2016-7117",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-7117"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-7117",
          "url": "https://www.suse.com/security/cve/CVE-2016-7117"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1003077 for CVE-2016-7117",
          "url": "https://bugzilla.suse.com/1003077"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1003253 for CVE-2016-7117",
          "url": "https://bugzilla.suse.com/1003253"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1057478 for CVE-2016-7117",
          "url": "https://bugzilla.suse.com/1057478"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1071943 for CVE-2016-7117",
          "url": "https://bugzilla.suse.com/1071943"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-7117"
    },
    {
      "cve": "CVE-2017-1000363",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-1000363"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a \u0027secure boot\u0027 kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6\u0027s CVE-2016-10277, where due to a vulnerability the adversary has partial control over the command line) can overflow the parport_nr array in the following code, by appending many (\u003eLP_NO) \u0027lp=none\u0027 arguments to the command line.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-1000363",
          "url": "https://www.suse.com/security/cve/CVE-2017-1000363"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039456 for CVE-2017-1000363",
          "url": "https://bugzilla.suse.com/1039456"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-1000363",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-1000363"
    },
    {
      "cve": "CVE-2017-1000364",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-1000364"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be \"jumped\" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-1000364",
          "url": "https://www.suse.com/security/cve/CVE-2017-1000364"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039346 for CVE-2017-1000364",
          "url": "https://bugzilla.suse.com/1039346"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039348 for CVE-2017-1000364",
          "url": "https://bugzilla.suse.com/1039348"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1042200 for CVE-2017-1000364",
          "url": "https://bugzilla.suse.com/1042200"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1044985 for CVE-2017-1000364",
          "url": "https://bugzilla.suse.com/1044985"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1071943 for CVE-2017-1000364",
          "url": "https://bugzilla.suse.com/1071943"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1075506 for CVE-2017-1000364",
          "url": "https://bugzilla.suse.com/1075506"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077345 for CVE-2017-1000364",
          "url": "https://bugzilla.suse.com/1077345"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-1000364",
          "url": "https://bugzilla.suse.com/1115893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149726 for CVE-2017-1000364",
          "url": "https://bugzilla.suse.com/1149726"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-1000364"
    },
    {
      "cve": "CVE-2017-1000365",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-1000365"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel versions 4.11.5 and earlier. It appears that this feature was introduced in the Linux Kernel version 2.6.23.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-1000365",
          "url": "https://www.suse.com/security/cve/CVE-2017-1000365"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1037551 for CVE-2017-1000365",
          "url": "https://bugzilla.suse.com/1037551"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039346 for CVE-2017-1000365",
          "url": "https://bugzilla.suse.com/1039346"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039349 for CVE-2017-1000365",
          "url": "https://bugzilla.suse.com/1039349"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039354 for CVE-2017-1000365",
          "url": "https://bugzilla.suse.com/1039354"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1054557 for CVE-2017-1000365",
          "url": "https://bugzilla.suse.com/1054557"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077345 for CVE-2017-1000365",
          "url": "https://bugzilla.suse.com/1077345"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.9,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "low"
        }
      ],
      "title": "CVE-2017-1000365"
    },
    {
      "cve": "CVE-2017-1000380",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-1000380"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-1000380",
          "url": "https://www.suse.com/security/cve/CVE-2017-1000380"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1044125 for CVE-2017-1000380",
          "url": "https://bugzilla.suse.com/1044125"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "low"
        }
      ],
      "title": "CVE-2017-1000380"
    },
    {
      "cve": "CVE-2017-11176",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-11176"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-11176",
          "url": "https://www.suse.com/security/cve/CVE-2017-11176"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1048275 for CVE-2017-11176",
          "url": "https://bugzilla.suse.com/1048275"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-11176",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-11176"
    },
    {
      "cve": "CVE-2017-11473",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-11473"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 3.2 allows local users to gain privileges via a crafted ACPI table.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-11473",
          "url": "https://www.suse.com/security/cve/CVE-2017-11473"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1049603 for CVE-2017-11473",
          "url": "https://bugzilla.suse.com/1049603"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1061680 for CVE-2017-11473",
          "url": "https://bugzilla.suse.com/1061680"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1087082 for CVE-2017-11473",
          "url": "https://bugzilla.suse.com/1087082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-11473",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-11473"
    },
    {
      "cve": "CVE-2017-2636",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-2636"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-2636",
          "url": "https://www.suse.com/security/cve/CVE-2017-2636"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1027565 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1027565"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1027575 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1027575"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028372 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1028372"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-2636"
    },
    {
      "cve": "CVE-2017-2647",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-2647"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-2647",
          "url": "https://www.suse.com/security/cve/CVE-2017-2647"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1030593 for CVE-2017-2647",
          "url": "https://bugzilla.suse.com/1030593"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-2647",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-2647"
    },
    {
      "cve": "CVE-2017-2671",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-2671"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-2671",
          "url": "https://www.suse.com/security/cve/CVE-2017-2671"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1027179 for CVE-2017-2671",
          "url": "https://bugzilla.suse.com/1027179"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1031003 for CVE-2017-2671",
          "url": "https://bugzilla.suse.com/1031003"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1087082 for CVE-2017-2671",
          "url": "https://bugzilla.suse.com/1087082"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-2671"
    },
    {
      "cve": "CVE-2017-5669",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5669"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5669",
          "url": "https://www.suse.com/security/cve/CVE-2017-5669"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1026914 for CVE-2017-5669",
          "url": "https://bugzilla.suse.com/1026914"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1102390 for CVE-2017-5669",
          "url": "https://bugzilla.suse.com/1102390"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-5669",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5669"
    },
    {
      "cve": "CVE-2017-5970",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5970"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The ipv4_pktinfo_prepare function in net/ipv4/ip_sockglue.c in the Linux kernel through 4.9.9 allows attackers to cause a denial of service (system crash) via (1) an application that makes crafted system calls or possibly (2) IPv4 traffic with invalid IP options.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5970",
          "url": "https://www.suse.com/security/cve/CVE-2017-5970"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1024938 for CVE-2017-5970",
          "url": "https://bugzilla.suse.com/1024938"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1025013 for CVE-2017-5970",
          "url": "https://bugzilla.suse.com/1025013"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-5970",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-5970"
    },
    {
      "cve": "CVE-2017-5986",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-5986"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-5986",
          "url": "https://www.suse.com/security/cve/CVE-2017-5986"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1025235 for CVE-2017-5986",
          "url": "https://bugzilla.suse.com/1025235"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1027066 for CVE-2017-5986",
          "url": "https://bugzilla.suse.com/1027066"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-5986"
    },
    {
      "cve": "CVE-2017-6074",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-6074"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-6074",
          "url": "https://www.suse.com/security/cve/CVE-2017-6074"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1026024 for CVE-2017-6074",
          "url": "https://bugzilla.suse.com/1026024"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1072204 for CVE-2017-6074",
          "url": "https://bugzilla.suse.com/1072204"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-6074"
    },
    {
      "cve": "CVE-2017-6214",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-6214"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-6214",
          "url": "https://www.suse.com/security/cve/CVE-2017-6214"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1026722 for CVE-2017-6214",
          "url": "https://bugzilla.suse.com/1026722"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1027179 for CVE-2017-6214",
          "url": "https://bugzilla.suse.com/1027179"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-6214",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-6214"
    },
    {
      "cve": "CVE-2017-6348",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-6348"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The hashbin_delete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service (deadlock) via crafted operations on IrDA devices.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-6348",
          "url": "https://www.suse.com/security/cve/CVE-2017-6348"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1027178 for CVE-2017-6348",
          "url": "https://bugzilla.suse.com/1027178"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1087082 for CVE-2017-6348",
          "url": "https://bugzilla.suse.com/1087082"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-6348"
    },
    {
      "cve": "CVE-2017-6353",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-6353"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application.  NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-6353",
          "url": "https://www.suse.com/security/cve/CVE-2017-6353"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1025235 for CVE-2017-6353",
          "url": "https://bugzilla.suse.com/1025235"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1027066 for CVE-2017-6353",
          "url": "https://bugzilla.suse.com/1027066"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-6353"
    },
    {
      "cve": "CVE-2017-6951",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-6951"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the \"dead\" type.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-6951",
          "url": "https://www.suse.com/security/cve/CVE-2017-6951"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1029850 for CVE-2017-6951",
          "url": "https://bugzilla.suse.com/1029850"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1030593 for CVE-2017-6951",
          "url": "https://bugzilla.suse.com/1030593"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-6951"
    },
    {
      "cve": "CVE-2017-7184",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7184"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xfrm_replay_verify_len function in net/xfrm/xfrm_user.c in the Linux kernel through 4.10.6 does not validate certain size data after an XFRM_MSG_NEWAE update, which allows local users to obtain root privileges or cause a denial of service (heap-based out-of-bounds access) by leveraging the CAP_NET_ADMIN capability, as demonstrated during a Pwn2Own competition at CanSecWest 2017 for the Ubuntu 16.10 linux-image-* package 4.8.0.41.52.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7184",
          "url": "https://www.suse.com/security/cve/CVE-2017-7184"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1030573 for CVE-2017-7184",
          "url": "https://bugzilla.suse.com/1030573"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1030575 for CVE-2017-7184",
          "url": "https://bugzilla.suse.com/1030575"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-7184",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-7184"
    },
    {
      "cve": "CVE-2017-7187",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7187"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7187",
          "url": "https://www.suse.com/security/cve/CVE-2017-7187"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1027179 for CVE-2017-7187",
          "url": "https://bugzilla.suse.com/1027179"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1030213 for CVE-2017-7187",
          "url": "https://bugzilla.suse.com/1030213"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-7187",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-7187"
    },
    {
      "cve": "CVE-2017-7261",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7261"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7261",
          "url": "https://www.suse.com/security/cve/CVE-2017-7261"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1027179 for CVE-2017-7261",
          "url": "https://bugzilla.suse.com/1027179"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1031052 for CVE-2017-7261",
          "url": "https://bugzilla.suse.com/1031052"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-7261"
    },
    {
      "cve": "CVE-2017-7294",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7294"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7294",
          "url": "https://www.suse.com/security/cve/CVE-2017-7294"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1027179 for CVE-2017-7294",
          "url": "https://bugzilla.suse.com/1027179"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1031440 for CVE-2017-7294",
          "url": "https://bugzilla.suse.com/1031440"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1031481 for CVE-2017-7294",
          "url": "https://bugzilla.suse.com/1031481"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-7294",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-7294"
    },
    {
      "cve": "CVE-2017-7308",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7308"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7308",
          "url": "https://www.suse.com/security/cve/CVE-2017-7308"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1027179 for CVE-2017-7308",
          "url": "https://bugzilla.suse.com/1027179"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1031579 for CVE-2017-7308",
          "url": "https://bugzilla.suse.com/1031579"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1031660 for CVE-2017-7308",
          "url": "https://bugzilla.suse.com/1031660"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-7308",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-7308"
    },
    {
      "cve": "CVE-2017-7482",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7482"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory corruption and possible privilege escalation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7482",
          "url": "https://www.suse.com/security/cve/CVE-2017-7482"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1046107 for CVE-2017-7482",
          "url": "https://bugzilla.suse.com/1046107"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-7482",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-7482"
    },
    {
      "cve": "CVE-2017-7487",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7487"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7487",
          "url": "https://www.suse.com/security/cve/CVE-2017-7487"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038879 for CVE-2017-7487",
          "url": "https://bugzilla.suse.com/1038879"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038883 for CVE-2017-7487",
          "url": "https://bugzilla.suse.com/1038883"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038981 for CVE-2017-7487",
          "url": "https://bugzilla.suse.com/1038981"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038982 for CVE-2017-7487",
          "url": "https://bugzilla.suse.com/1038982"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1072204 for CVE-2017-7487",
          "url": "https://bugzilla.suse.com/1072204"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-7487",
          "url": "https://bugzilla.suse.com/1115893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 870618 for CVE-2017-7487",
          "url": "https://bugzilla.suse.com/870618"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-7487"
    },
    {
      "cve": "CVE-2017-7533",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7533"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7533",
          "url": "https://www.suse.com/security/cve/CVE-2017-7533"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1049483 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1049483"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1050677 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1050677"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1050751 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1050751"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1053919 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1053919"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7533"
    },
    {
      "cve": "CVE-2017-7542",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7542"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7542",
          "url": "https://www.suse.com/security/cve/CVE-2017-7542"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1049882 for CVE-2017-7542",
          "url": "https://bugzilla.suse.com/1049882"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1061936 for CVE-2017-7542",
          "url": "https://bugzilla.suse.com/1061936"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-7542"
    },
    {
      "cve": "CVE-2017-7616",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7616"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7616",
          "url": "https://www.suse.com/security/cve/CVE-2017-7616"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1033336 for CVE-2017-7616",
          "url": "https://bugzilla.suse.com/1033336"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-7616"
    },
    {
      "cve": "CVE-2017-8890",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-8890"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-8890",
          "url": "https://www.suse.com/security/cve/CVE-2017-8890"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038544 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1038544"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038564 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1038564"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039883 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1039883"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039885 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1039885"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1040069 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1040069"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1042364 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1042364"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1051906 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1051906"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-8890"
    },
    {
      "cve": "CVE-2017-8924",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-8924"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-8924",
          "url": "https://www.suse.com/security/cve/CVE-2017-8924"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1037182 for CVE-2017-8924",
          "url": "https://bugzilla.suse.com/1037182"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038981 for CVE-2017-8924",
          "url": "https://bugzilla.suse.com/1038981"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038982 for CVE-2017-8924",
          "url": "https://bugzilla.suse.com/1038982"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 870618 for CVE-2017-8924",
          "url": "https://bugzilla.suse.com/870618"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "low"
        }
      ],
      "title": "CVE-2017-8924"
    },
    {
      "cve": "CVE-2017-8925",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-8925"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-8925",
          "url": "https://www.suse.com/security/cve/CVE-2017-8925"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1037183 for CVE-2017-8925",
          "url": "https://bugzilla.suse.com/1037183"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038981 for CVE-2017-8925",
          "url": "https://bugzilla.suse.com/1038981"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038982 for CVE-2017-8925",
          "url": "https://bugzilla.suse.com/1038982"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 870618 for CVE-2017-8925",
          "url": "https://bugzilla.suse.com/870618"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "low"
        }
      ],
      "title": "CVE-2017-8925"
    },
    {
      "cve": "CVE-2017-9074",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-9074"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-9074",
          "url": "https://www.suse.com/security/cve/CVE-2017-9074"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039882 for CVE-2017-9074",
          "url": "https://bugzilla.suse.com/1039882"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-9074",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-9074"
    },
    {
      "cve": "CVE-2017-9075",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-9075"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-9075",
          "url": "https://www.suse.com/security/cve/CVE-2017-9075"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038544 for CVE-2017-9075",
          "url": "https://bugzilla.suse.com/1038544"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039883 for CVE-2017-9075",
          "url": "https://bugzilla.suse.com/1039883"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1051906 for CVE-2017-9075",
          "url": "https://bugzilla.suse.com/1051906"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-9075",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-9075"
    },
    {
      "cve": "CVE-2017-9076",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-9076"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-9076",
          "url": "https://www.suse.com/security/cve/CVE-2017-9076"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038544 for CVE-2017-9076",
          "url": "https://bugzilla.suse.com/1038544"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039885 for CVE-2017-9076",
          "url": "https://bugzilla.suse.com/1039885"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1040069 for CVE-2017-9076",
          "url": "https://bugzilla.suse.com/1040069"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1051906 for CVE-2017-9076",
          "url": "https://bugzilla.suse.com/1051906"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-9076",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-9076"
    },
    {
      "cve": "CVE-2017-9077",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-9077"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-9077",
          "url": "https://www.suse.com/security/cve/CVE-2017-9077"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038544 for CVE-2017-9077",
          "url": "https://bugzilla.suse.com/1038544"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1040069 for CVE-2017-9077",
          "url": "https://bugzilla.suse.com/1040069"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1042364 for CVE-2017-9077",
          "url": "https://bugzilla.suse.com/1042364"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-9077",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-9077"
    },
    {
      "cve": "CVE-2017-9242",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-9242"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
          "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-9242",
          "url": "https://www.suse.com/security/cve/CVE-2017-9242"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1041431 for CVE-2017-9242",
          "url": "https://bugzilla.suse.com/1041431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1042892 for CVE-2017-9242",
          "url": "https://bugzilla.suse.com/1042892"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-base-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-rt_trace-devel-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-source-rt-3.0.101.rt130-69.5.1.x86_64",
            "SUSE Linux Enterprise Real Time 11 SP4:kernel-syms-rt-3.0.101.rt130-69.5.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-09-04T13:37:48Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-9242"
    }
  ]
}

SUSE-SU-2025:0152-1

Vulnerability from csaf_suse - Published: 2025-01-17 09:13 - Updated: 2025-01-17 09:13

Summary

Security update for the Linux Kernel

Severity

Important

Notes

Title of the patch: Security update for the Linux Kernel

Description of the patch: The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2017-14051: scsi/qla2xxx: Fix an integer overflow in sysfs code. (bsc#1056588) - CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853). - CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846). - CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891). - CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054). - CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963). - CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073). - CVE-2024-56598: jfs: array-index-out-of-bounds fix in dtReadFirst (bsc#1235220). - CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056). - CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061). - CVE-2024-56619: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (bsc#1235224). The following non-security bugs were fixed: - Enable CONFIG_FIRMWARE_SIG () - r8169: check ALDPS bit and disable it if enabled for the 8168g (bnc#845352). - rpm/kernel-binary.spec.in: Remove obsolete ext4-writeable. Needs to be handled differently. (bnc#830822)

Patchnames: SUSE-2025-152,SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2025-152

CVE-2017-1000253

8.4 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 14 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-14051

6.4 (Medium)


                        
                          CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 14 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-2636

7 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 14 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-20368

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 14 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2022-48839

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 14 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2024-53146

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 14 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-53156

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 14 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-53173

7 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 14 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-53239

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 14 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-56539

4.7 (Medium)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 14 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-56548

6.7 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 14 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-56598

7 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 14 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-56604

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 14 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-56605

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 14 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2024-56619

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 14 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64	—	Vendor Fix

Threats

Impact important

References

91 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1027565	self
https://bugzilla.suse.com/1056588	self
https://bugzilla.suse.com/1059525	self
https://bugzilla.suse.com/1202346	self
https://bugzilla.suse.com/1227985	self
https://bugzilla.suse.com/1234846	self
https://bugzilla.suse.com/1234853	self
https://bugzilla.suse.com/1234891	self
https://bugzilla.suse.com/1234963	self
https://bugzilla.suse.com/1235054	self
https://bugzilla.suse.com/1235056	self
https://bugzilla.suse.com/1235061	self
https://bugzilla.suse.com/1235073	self
https://bugzilla.suse.com/1235220	self
https://bugzilla.suse.com/1235224	self
https://www.suse.com/security/cve/CVE-2017-1000253/	self
https://www.suse.com/security/cve/CVE-2017-14051/	self
https://www.suse.com/security/cve/CVE-2017-2636/	self
https://www.suse.com/security/cve/CVE-2022-20368/	self
https://www.suse.com/security/cve/CVE-2022-48839/	self
https://www.suse.com/security/cve/CVE-2024-53146/	self
https://www.suse.com/security/cve/CVE-2024-53156/	self
https://www.suse.com/security/cve/CVE-2024-53173/	self
https://www.suse.com/security/cve/CVE-2024-53239/	self
https://www.suse.com/security/cve/CVE-2024-56539/	self
https://www.suse.com/security/cve/CVE-2024-56548/	self
https://www.suse.com/security/cve/CVE-2024-56598/	self
https://www.suse.com/security/cve/CVE-2024-56604/	self
https://www.suse.com/security/cve/CVE-2024-56605/	self
https://www.suse.com/security/cve/CVE-2024-56619/	self
https://www.suse.com/security/cve/CVE-2017-1000253	external
https://bugzilla.suse.com/1059525	external
https://bugzilla.suse.com/1061680	external
https://bugzilla.suse.com/1063607	external
https://bugzilla.suse.com/1071943	external
https://bugzilla.suse.com/1072204	external
https://bugzilla.suse.com/1075506	external
https://bugzilla.suse.com/1115893	external
https://bugzilla.suse.com/1149729	external
https://www.suse.com/security/cve/CVE-2017-14051	external
https://bugzilla.suse.com/1056588	external
https://www.suse.com/security/cve/CVE-2017-2636	external
https://bugzilla.suse.com/1027565	external
https://bugzilla.suse.com/1027575	external
https://bugzilla.suse.com/1028372	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2022-20368	external
https://bugzilla.suse.com/1202346	external
https://bugzilla.suse.com/1212311	external
https://www.suse.com/security/cve/CVE-2022-48839	external
https://bugzilla.suse.com/1227985	external
https://www.suse.com/security/cve/CVE-2024-53146	external
https://bugzilla.suse.com/1234853	external
https://bugzilla.suse.com/1234854	external
https://www.suse.com/security/cve/CVE-2024-53156	external
https://bugzilla.suse.com/1234846	external
https://bugzilla.suse.com/1234847	external
https://bugzilla.suse.com/1234853	external
https://www.suse.com/security/cve/CVE-2024-53173	external
https://bugzilla.suse.com/1234853	external
https://bugzilla.suse.com/1234891	external
https://bugzilla.suse.com/1234892	external
https://www.suse.com/security/cve/CVE-2024-53239	external
https://bugzilla.suse.com/1234853	external
https://bugzilla.suse.com/1235054	external
https://bugzilla.suse.com/1235055	external
https://www.suse.com/security/cve/CVE-2024-56539	external
https://bugzilla.suse.com/1234853	external
https://bugzilla.suse.com/1234963	external
https://bugzilla.suse.com/1234964	external
https://www.suse.com/security/cve/CVE-2024-56548	external
https://bugzilla.suse.com/1234853	external
https://bugzilla.suse.com/1235073	external
https://bugzilla.suse.com/1235074	external
https://www.suse.com/security/cve/CVE-2024-56598	external
https://bugzilla.suse.com/1235220	external
https://bugzilla.suse.com/1235221	external
https://www.suse.com/security/cve/CVE-2024-56604	external
https://bugzilla.suse.com/1235056	external
https://bugzilla.suse.com/1235058	external
https://www.suse.com/security/cve/CVE-2024-56605	external
https://bugzilla.suse.com/1234853	external
https://bugzilla.suse.com/1235061	external
https://bugzilla.suse.com/1235062	external
https://www.suse.com/security/cve/CVE-2024-56619	external
https://bugzilla.suse.com/1235224	external
https://bugzilla.suse.com/1235225	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThe SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2017-14051: scsi/qla2xxx: Fix an integer overflow in sysfs code. (bsc#1056588)\n- CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853).\n- CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846).\n- CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891).\n- CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054).\n- CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963).\n- CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073).\n- CVE-2024-56598: jfs: array-index-out-of-bounds fix in dtReadFirst (bsc#1235220).\n- CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056).\n- CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061).\n- CVE-2024-56619: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (bsc#1235224).\n\nThe following non-security bugs were fixed:\n\n- Enable CONFIG_FIRMWARE_SIG ()\n- r8169: check ALDPS bit and disable it if enabled for the 8168g (bnc#845352).\n- rpm/kernel-binary.spec.in: Remove obsolete ext4-writeable. Needs to be handled differently. (bnc#830822)\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2025-152,SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2025-152",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_0152-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2025:0152-1",
        "url": "https://www.suse.com/support/update/announcement/2025/suse-su-20250152-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2025:0152-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020152.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1027565",
        "url": "https://bugzilla.suse.com/1027565"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1056588",
        "url": "https://bugzilla.suse.com/1056588"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1059525",
        "url": "https://bugzilla.suse.com/1059525"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1202346",
        "url": "https://bugzilla.suse.com/1202346"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1227985",
        "url": "https://bugzilla.suse.com/1227985"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1234846",
        "url": "https://bugzilla.suse.com/1234846"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1234853",
        "url": "https://bugzilla.suse.com/1234853"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1234891",
        "url": "https://bugzilla.suse.com/1234891"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1234963",
        "url": "https://bugzilla.suse.com/1234963"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235054",
        "url": "https://bugzilla.suse.com/1235054"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235056",
        "url": "https://bugzilla.suse.com/1235056"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235061",
        "url": "https://bugzilla.suse.com/1235061"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235073",
        "url": "https://bugzilla.suse.com/1235073"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235220",
        "url": "https://bugzilla.suse.com/1235220"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1235224",
        "url": "https://bugzilla.suse.com/1235224"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-1000253 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-1000253/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-14051 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-14051/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-2636 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-2636/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-20368 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-20368/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-48839 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-48839/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-53146 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-53146/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-53156 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-53156/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-53173 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-53173/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-53239 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-53239/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-56539 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-56539/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-56548 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-56548/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-56598 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-56598/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-56604 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-56604/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-56605 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-56605/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-56619 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-56619/"
      }
    ],
    "title": "Security update for the Linux Kernel",
    "tracking": {
      "current_release_date": "2025-01-17T09:13:58Z",
      "generator": {
        "date": "2025-01-17T09:13:58Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2025:0152-1",
      "initial_release_date": "2025-01-17T09:13:58Z",
      "revision_history": [
        {
          "date": "2025-01-17T09:13:58Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-debug-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-debug-3.0.101-108.174.1.i586",
                  "product_id": "kernel-debug-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-base-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-debug-base-3.0.101-108.174.1.i586",
                  "product_id": "kernel-debug-base-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-devel-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-debug-devel-3.0.101-108.174.1.i586",
                  "product_id": "kernel-debug-devel-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-extra-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-debug-extra-3.0.101-108.174.1.i586",
                  "product_id": "kernel-debug-extra-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-hmac-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-debug-hmac-3.0.101-108.174.1.i586",
                  "product_id": "kernel-debug-hmac-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-default-3.0.101-108.174.1.i586",
                  "product_id": "kernel-default-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-default-base-3.0.101-108.174.1.i586",
                  "product_id": "kernel-default-base-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-default-devel-3.0.101-108.174.1.i586",
                  "product_id": "kernel-default-devel-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-default-extra-3.0.101-108.174.1.i586",
                  "product_id": "kernel-default-extra-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-hmac-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-default-hmac-3.0.101-108.174.1.i586",
                  "product_id": "kernel-default-hmac-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-ec2-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-ec2-3.0.101-108.174.1.i586",
                  "product_id": "kernel-ec2-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-ec2-base-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-ec2-base-3.0.101-108.174.1.i586",
                  "product_id": "kernel-ec2-base-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-ec2-devel-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-ec2-devel-3.0.101-108.174.1.i586",
                  "product_id": "kernel-ec2-devel-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-ec2-extra-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-ec2-extra-3.0.101-108.174.1.i586",
                  "product_id": "kernel-ec2-extra-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-ec2-hmac-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-ec2-hmac-3.0.101-108.174.1.i586",
                  "product_id": "kernel-ec2-hmac-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-pae-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-pae-3.0.101-108.174.1.i586",
                  "product_id": "kernel-pae-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-pae-base-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-pae-base-3.0.101-108.174.1.i586",
                  "product_id": "kernel-pae-base-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-pae-devel-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-pae-devel-3.0.101-108.174.1.i586",
                  "product_id": "kernel-pae-devel-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-pae-extra-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-pae-extra-3.0.101-108.174.1.i586",
                  "product_id": "kernel-pae-extra-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-pae-hmac-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-pae-hmac-3.0.101-108.174.1.i586",
                  "product_id": "kernel-pae-hmac-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-source-3.0.101-108.174.1.i586",
                  "product_id": "kernel-source-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-vanilla-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-source-vanilla-3.0.101-108.174.1.i586",
                  "product_id": "kernel-source-vanilla-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-syms-3.0.101-108.174.1.i586",
                  "product_id": "kernel-syms-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-trace-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-trace-3.0.101-108.174.1.i586",
                  "product_id": "kernel-trace-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-trace-base-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-trace-base-3.0.101-108.174.1.i586",
                  "product_id": "kernel-trace-base-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-trace-devel-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-trace-devel-3.0.101-108.174.1.i586",
                  "product_id": "kernel-trace-devel-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-trace-extra-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-trace-extra-3.0.101-108.174.1.i586",
                  "product_id": "kernel-trace-extra-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-trace-hmac-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-trace-hmac-3.0.101-108.174.1.i586",
                  "product_id": "kernel-trace-hmac-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-vanilla-3.0.101-108.174.1.i586",
                  "product_id": "kernel-vanilla-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-base-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-vanilla-base-3.0.101-108.174.1.i586",
                  "product_id": "kernel-vanilla-base-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-devel-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-vanilla-devel-3.0.101-108.174.1.i586",
                  "product_id": "kernel-vanilla-devel-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-hmac-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-vanilla-hmac-3.0.101-108.174.1.i586",
                  "product_id": "kernel-vanilla-hmac-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-xen-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-xen-3.0.101-108.174.1.i586",
                  "product_id": "kernel-xen-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-xen-base-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-xen-base-3.0.101-108.174.1.i586",
                  "product_id": "kernel-xen-base-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-xen-devel-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-xen-devel-3.0.101-108.174.1.i586",
                  "product_id": "kernel-xen-devel-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-xen-extra-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-xen-extra-3.0.101-108.174.1.i586",
                  "product_id": "kernel-xen-extra-3.0.101-108.174.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-xen-hmac-3.0.101-108.174.1.i586",
                "product": {
                  "name": "kernel-xen-hmac-3.0.101-108.174.1.i586",
                  "product_id": "kernel-xen-hmac-3.0.101-108.174.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-source-3.0.101-108.174.1.ia64",
                "product": {
                  "name": "kernel-source-3.0.101-108.174.1.ia64",
                  "product_id": "kernel-source-3.0.101-108.174.1.ia64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-vanilla-3.0.101-108.174.1.ia64",
                "product": {
                  "name": "kernel-source-vanilla-3.0.101-108.174.1.ia64",
                  "product_id": "kernel-source-vanilla-3.0.101-108.174.1.ia64"
                }
              }
            ],
            "category": "architecture",
            "name": "ia64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-docs-3.0.101-108.174.1.noarch",
                "product": {
                  "name": "kernel-docs-3.0.101-108.174.1.noarch",
                  "product_id": "kernel-docs-3.0.101-108.174.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-source-3.0.101-108.174.1.ppc",
                "product": {
                  "name": "kernel-source-3.0.101-108.174.1.ppc",
                  "product_id": "kernel-source-3.0.101-108.174.1.ppc"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-vanilla-3.0.101-108.174.1.ppc",
                "product": {
                  "name": "kernel-source-vanilla-3.0.101-108.174.1.ppc",
                  "product_id": "kernel-source-vanilla-3.0.101-108.174.1.ppc"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-source-3.0.101-108.174.1.ppc64",
                "product": {
                  "name": "kernel-source-3.0.101-108.174.1.ppc64",
                  "product_id": "kernel-source-3.0.101-108.174.1.ppc64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-vanilla-3.0.101-108.174.1.ppc64",
                "product": {
                  "name": "kernel-source-vanilla-3.0.101-108.174.1.ppc64",
                  "product_id": "kernel-source-vanilla-3.0.101-108.174.1.ppc64"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-source-3.0.101-108.174.1.s390",
                "product": {
                  "name": "kernel-source-3.0.101-108.174.1.s390",
                  "product_id": "kernel-source-3.0.101-108.174.1.s390"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-vanilla-3.0.101-108.174.1.s390",
                "product": {
                  "name": "kernel-source-vanilla-3.0.101-108.174.1.s390",
                  "product_id": "kernel-source-vanilla-3.0.101-108.174.1.s390"
                }
              }
            ],
            "category": "architecture",
            "name": "s390"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-source-3.0.101-108.174.1.s390x",
                "product": {
                  "name": "kernel-source-3.0.101-108.174.1.s390x",
                  "product_id": "kernel-source-3.0.101-108.174.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-vanilla-3.0.101-108.174.1.s390x",
                "product": {
                  "name": "kernel-source-vanilla-3.0.101-108.174.1.s390x",
                  "product_id": "kernel-source-vanilla-3.0.101-108.174.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-debug-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-debug-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-debug-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-base-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-debug-base-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-debug-base-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-devel-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-debug-devel-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-debug-devel-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-extra-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-debug-extra-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-debug-extra-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-debug-hmac-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-debug-hmac-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-debug-hmac-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-default-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-default-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-default-base-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-default-base-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-default-devel-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-default-devel-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-extra-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-default-extra-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-default-extra-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-hmac-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-default-hmac-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-default-hmac-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-ec2-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-ec2-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-ec2-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-ec2-base-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-ec2-base-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-ec2-base-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-ec2-devel-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-ec2-devel-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-ec2-devel-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-ec2-extra-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-ec2-extra-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-ec2-extra-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-ec2-hmac-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-ec2-hmac-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-ec2-hmac-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-source-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-source-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-vanilla-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-source-vanilla-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-source-vanilla-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-syms-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-syms-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-trace-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-trace-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-trace-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-trace-base-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-trace-base-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-trace-base-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-trace-devel-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-trace-devel-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-trace-devel-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-trace-extra-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-trace-extra-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-trace-extra-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-trace-hmac-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-trace-hmac-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-trace-hmac-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-vanilla-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-vanilla-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-base-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-vanilla-base-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-vanilla-base-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-devel-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-vanilla-devel-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-vanilla-devel-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-vanilla-hmac-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-vanilla-hmac-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-vanilla-hmac-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-xen-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-xen-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-xen-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-xen-base-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-xen-base-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-xen-base-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-xen-devel-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-xen-devel-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-xen-devel-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-xen-extra-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-xen-extra-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-xen-extra-3.0.101-108.174.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-xen-hmac-3.0.101-108.174.1.x86_64",
                "product": {
                  "name": "kernel-xen-hmac-3.0.101-108.174.1.x86_64",
                  "product_id": "kernel-xen-hmac-3.0.101-108.174.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
                "product": {
                  "name": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
                  "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse_sles_ltss-extreme-core:11:sp4"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
          "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64"
        },
        "product_reference": "kernel-default-3.0.101-108.174.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
          "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64"
        },
        "product_reference": "kernel-default-base-3.0.101-108.174.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
          "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64"
        },
        "product_reference": "kernel-default-devel-3.0.101-108.174.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-ec2-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
          "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64"
        },
        "product_reference": "kernel-ec2-3.0.101-108.174.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-ec2-base-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
          "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64"
        },
        "product_reference": "kernel-ec2-base-3.0.101-108.174.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-ec2-devel-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
          "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64"
        },
        "product_reference": "kernel-ec2-devel-3.0.101-108.174.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
          "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64"
        },
        "product_reference": "kernel-source-3.0.101-108.174.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
          "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64"
        },
        "product_reference": "kernel-syms-3.0.101-108.174.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-trace-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
          "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64"
        },
        "product_reference": "kernel-trace-3.0.101-108.174.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-trace-base-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
          "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64"
        },
        "product_reference": "kernel-trace-base-3.0.101-108.174.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-trace-devel-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
          "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64"
        },
        "product_reference": "kernel-trace-devel-3.0.101-108.174.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-xen-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
          "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64"
        },
        "product_reference": "kernel-xen-3.0.101-108.174.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-xen-base-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
          "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64"
        },
        "product_reference": "kernel-xen-base-3.0.101-108.174.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-xen-devel-3.0.101-108.174.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE",
          "product_id": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
        },
        "product_reference": "kernel-xen-devel-3.0.101-108.174.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-1000253",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-1000253"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm-\u003emmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm-\u003emmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm-\u003emmap_base into the are that is supposed to be the \"gap\" between the stack and the binary.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-1000253",
          "url": "https://www.suse.com/security/cve/CVE-2017-1000253"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1059525 for CVE-2017-1000253",
          "url": "https://bugzilla.suse.com/1059525"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1061680 for CVE-2017-1000253",
          "url": "https://bugzilla.suse.com/1061680"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1063607 for CVE-2017-1000253",
          "url": "https://bugzilla.suse.com/1063607"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1071943 for CVE-2017-1000253",
          "url": "https://bugzilla.suse.com/1071943"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1072204 for CVE-2017-1000253",
          "url": "https://bugzilla.suse.com/1072204"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1075506 for CVE-2017-1000253",
          "url": "https://bugzilla.suse.com/1075506"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-1000253",
          "url": "https://bugzilla.suse.com/1115893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1149729 for CVE-2017-1000253",
          "url": "https://bugzilla.suse.com/1149729"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-01-17T09:13:58Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-1000253"
    },
    {
      "cve": "CVE-2017-14051",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-14051"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory corruption and system crash) by leveraging root access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-14051",
          "url": "https://www.suse.com/security/cve/CVE-2017-14051"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1056588 for CVE-2017-14051",
          "url": "https://bugzilla.suse.com/1056588"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-01-17T09:13:58Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-14051"
    },
    {
      "cve": "CVE-2017-2636",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-2636"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of service (double free) by setting the HDLC line discipline.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-2636",
          "url": "https://www.suse.com/security/cve/CVE-2017-2636"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1027565 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1027565"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1027575 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1027575"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1028372 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1028372"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-2636",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-01-17T09:13:58Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-2636"
    },
    {
      "cve": "CVE-2022-20368",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-20368"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Product: AndroidVersions: Android kernelAndroid ID: A-224546354References: Upstream kernel",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-20368",
          "url": "https://www.suse.com/security/cve/CVE-2022-20368"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1202346 for CVE-2022-20368",
          "url": "https://bugzilla.suse.com/1202346"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1212311 for CVE-2022-20368",
          "url": "https://bugzilla.suse.com/1212311"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-01-17T09:13:58Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-20368"
    },
    {
      "cve": "CVE-2022-48839",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-48839"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/packet: fix slab-out-of-bounds access in packet_recvmsg()\n\nsyzbot found that when an AF_PACKET socket is using PACKET_COPY_THRESH\nand mmap operations, tpacket_rcv() is queueing skbs with\ngarbage in skb-\u003ecb[], triggering a too big copy [1]\n\nPresumably, users of af_packet using mmap() already gets correct\nmetadata from the mapped buffer, we can simply make sure\nto clear 12 bytes that might be copied to user space later.\n\nBUG: KASAN: stack-out-of-bounds in memcpy include/linux/fortify-string.h:225 [inline]\nBUG: KASAN: stack-out-of-bounds in packet_recvmsg+0x56c/0x1150 net/packet/af_packet.c:3489\nWrite of size 165 at addr ffffc9000385fb78 by task syz-executor233/3631\n\nCPU: 0 PID: 3631 Comm: syz-executor233 Not tainted 5.17.0-rc7-syzkaller-02396-g0b3660695e80 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0xcd/0x134 lib/dump_stack.c:106\n print_address_description.constprop.0.cold+0xf/0x336 mm/kasan/report.c:255\n __kasan_report mm/kasan/report.c:442 [inline]\n kasan_report.cold+0x83/0xdf mm/kasan/report.c:459\n check_region_inline mm/kasan/generic.c:183 [inline]\n kasan_check_range+0x13d/0x180 mm/kasan/generic.c:189\n memcpy+0x39/0x60 mm/kasan/shadow.c:66\n memcpy include/linux/fortify-string.h:225 [inline]\n packet_recvmsg+0x56c/0x1150 net/packet/af_packet.c:3489\n sock_recvmsg_nosec net/socket.c:948 [inline]\n sock_recvmsg net/socket.c:966 [inline]\n sock_recvmsg net/socket.c:962 [inline]\n ____sys_recvmsg+0x2c4/0x600 net/socket.c:2632\n ___sys_recvmsg+0x127/0x200 net/socket.c:2674\n __sys_recvmsg+0xe2/0x1a0 net/socket.c:2704\n do_syscall_x64 arch/x86/entry/common.c:50 [inline]\n do_syscall_64+0x35/0xb0 arch/x86/entry/common.c:80\n entry_SYSCALL_64_after_hwframe+0x44/0xae\nRIP: 0033:0x7fdfd5954c29\nCode: 28 00 00 00 75 05 48 83 c4 28 c3 e8 41 15 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 c0 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007ffcf8e71e48 EFLAGS: 00000246 ORIG_RAX: 000000000000002f\nRAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00007fdfd5954c29\nRDX: 0000000000000000 RSI: 0000000020000500 RDI: 0000000000000005\nRBP: 0000000000000000 R08: 000000000000000d R09: 000000000000000d\nR10: 0000000000000000 R11: 0000000000000246 R12: 00007ffcf8e71e60\nR13: 00000000000f4240 R14: 000000000000c1ff R15: 00007ffcf8e71e54\n \u003c/TASK\u003e\n\naddr ffffc9000385fb78 is located in stack of task syz-executor233/3631 at offset 32 in frame:\n ____sys_recvmsg+0x0/0x600 include/linux/uio.h:246\n\nthis frame has 1 object:\n [32, 160) \u0027addr\u0027\n\nMemory state around the buggy address:\n ffffc9000385fa80: 00 04 f3 f3 f3 f3 f3 00 00 00 00 00 00 00 00 00\n ffffc9000385fb00: 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00\n\u003effffc9000385fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f3\n                                                                ^\n ffffc9000385fc00: f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1\n ffffc9000385fc80: f1 f1 f1 00 f2 f2 f2 00 f2 f2 f2 00 00 00 00 00\n==================================================================",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-48839",
          "url": "https://www.suse.com/security/cve/CVE-2022-48839"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1227985 for CVE-2022-48839",
          "url": "https://bugzilla.suse.com/1227985"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-01-17T09:13:58Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2022-48839"
    },
    {
      "cve": "CVE-2024-53146",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-53146"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSD: Prevent a potential integer overflow\n\nIf the tag length is \u003e= U32_MAX - 3 then the \"length + 4\" addition\ncan result in an integer overflow. Address this by splitting the\ndecoding into several steps so that decode_cb_compound4res() does\nnot have to perform arithmetic on the unsafe length value.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-53146",
          "url": "https://www.suse.com/security/cve/CVE-2024-53146"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1234853 for CVE-2024-53146",
          "url": "https://bugzilla.suse.com/1234853"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1234854 for CVE-2024-53146",
          "url": "https://bugzilla.suse.com/1234854"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-01-17T09:13:58Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-53146"
    },
    {
      "cve": "CVE-2024-53156",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-53156"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: ath9k: add range check for conn_rsp_epid in htc_connect_service()\n\nI found the following bug in my fuzzer:\n\n  UBSAN: array-index-out-of-bounds in drivers/net/wireless/ath/ath9k/htc_hst.c:26:51\n  index 255 is out of range for type \u0027htc_endpoint [22]\u0027\n  CPU: 0 UID: 0 PID: 8 Comm: kworker/0:0 Not tainted 6.11.0-rc6-dirty #14\n  Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.15.0-1 04/01/2014\n  Workqueue: events request_firmware_work_func\n  Call Trace:\n   \u003cTASK\u003e\n   dump_stack_lvl+0x180/0x1b0\n   __ubsan_handle_out_of_bounds+0xd4/0x130\n   htc_issue_send.constprop.0+0x20c/0x230\n   ? _raw_spin_unlock_irqrestore+0x3c/0x70\n   ath9k_wmi_cmd+0x41d/0x610\n   ? mark_held_locks+0x9f/0xe0\n   ...\n\nSince this bug has been confirmed to be caused by insufficient verification\nof conn_rsp_epid, I think it would be appropriate to add a range check for\nconn_rsp_epid to htc_connect_service() to prevent the bug from occurring.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-53156",
          "url": "https://www.suse.com/security/cve/CVE-2024-53156"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1234846 for CVE-2024-53156",
          "url": "https://bugzilla.suse.com/1234846"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1234847 for CVE-2024-53156",
          "url": "https://bugzilla.suse.com/1234847"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1234853 for CVE-2024-53156",
          "url": "https://bugzilla.suse.com/1234853"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-01-17T09:13:58Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-53156"
    },
    {
      "cve": "CVE-2024-53173",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-53173"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nNFSv4.0: Fix a use-after-free problem in the asynchronous open()\n\nYang Erkun reports that when two threads are opening files at the same\ntime, and are forced to abort before a reply is seen, then the call to\nnfs_release_seqid() in nfs4_opendata_free() can result in a\nuse-after-free of the pointer to the defunct rpc task of the other\nthread.\nThe fix is to ensure that if the RPC call is aborted before the call to\nnfs_wait_on_sequence() is complete, then we must call nfs_release_seqid()\nin nfs4_open_release() before the rpc_task is freed.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-53173",
          "url": "https://www.suse.com/security/cve/CVE-2024-53173"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1234853 for CVE-2024-53173",
          "url": "https://bugzilla.suse.com/1234853"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1234891 for CVE-2024-53173",
          "url": "https://bugzilla.suse.com/1234891"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1234892 for CVE-2024-53173",
          "url": "https://bugzilla.suse.com/1234892"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-01-17T09:13:58Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-53173"
    },
    {
      "cve": "CVE-2024-53239",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-53239"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: 6fire: Release resources at card release\n\nThe current 6fire code tries to release the resources right after the\ncall of usb6fire_chip_abort().  But at this moment, the card object\nmight be still in use (as we\u0027re calling snd_card_free_when_closed()).\n\nFor avoid potential UAFs, move the release of resources to the card\u0027s\nprivate_free instead of the manual call of usb6fire_chip_destroy() at\nthe USB disconnect callback.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-53239",
          "url": "https://www.suse.com/security/cve/CVE-2024-53239"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1234853 for CVE-2024-53239",
          "url": "https://bugzilla.suse.com/1234853"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235054 for CVE-2024-53239",
          "url": "https://bugzilla.suse.com/1235054"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235055 for CVE-2024-53239",
          "url": "https://bugzilla.suse.com/1235055"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-01-17T09:13:58Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-53239"
    },
    {
      "cve": "CVE-2024-56539",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-56539"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan()\n\nReplace one-element array with a flexible-array member in `struct\nmwifiex_ie_types_wildcard_ssid_params` to fix the following warning\non a MT8173 Chromebook (mt8173-elm-hana):\n\n[  356.775250] ------------[ cut here ]------------\n[  356.784543] memcpy: detected field-spanning write (size 6) of single field \"wildcard_ssid_tlv-\u003essid\" at drivers/net/wireless/marvell/mwifiex/scan.c:904 (size 1)\n[  356.813403] WARNING: CPU: 3 PID: 742 at drivers/net/wireless/marvell/mwifiex/scan.c:904 mwifiex_scan_networks+0x4fc/0xf28 [mwifiex]\n\nThe \"(size 6)\" above is exactly the length of the SSID of the network\nthis device was connected to. The source of the warning looks like:\n\n    ssid_len = user_scan_in-\u003essid_list[i].ssid_len;\n    [...]\n    memcpy(wildcard_ssid_tlv-\u003essid,\n           user_scan_in-\u003essid_list[i].ssid, ssid_len);\n\nThere is a #define WILDCARD_SSID_TLV_MAX_SIZE that uses sizeof() on this\nstruct, but it already didn\u0027t account for the size of the one-element\narray, so it doesn\u0027t need to be changed.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-56539",
          "url": "https://www.suse.com/security/cve/CVE-2024-56539"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1234853 for CVE-2024-56539",
          "url": "https://bugzilla.suse.com/1234853"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1234963 for CVE-2024-56539",
          "url": "https://bugzilla.suse.com/1234963"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1234964 for CVE-2024-56539",
          "url": "https://bugzilla.suse.com/1234964"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-01-17T09:13:58Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-56539"
    },
    {
      "cve": "CVE-2024-56548",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-56548"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nhfsplus: don\u0027t query the device logical block size multiple times\n\nDevices block sizes may change. One of these cases is a loop device by\nusing ioctl LOOP_SET_BLOCK_SIZE.\n\nWhile this may cause other issues like IO being rejected, in the case of\nhfsplus, it will allocate a block by using that size and potentially write\nout-of-bounds when hfsplus_read_wrapper calls hfsplus_submit_bio and the\nlatter function reads a different io_size.\n\nUsing a new min_io_size initally set to sb_min_blocksize works for the\npurposes of the original fix, since it will be set to the max between\nHFSPLUS_SECTOR_SIZE and the first seen logical block size. We still use the\nmax between HFSPLUS_SECTOR_SIZE and min_io_size in case the latter is not\ninitialized.\n\nTested by mounting an hfsplus filesystem with loop block sizes 512, 1024\nand 4096.\n\nThe produced KASAN report before the fix looks like this:\n\n[  419.944641] ==================================================================\n[  419.945655] BUG: KASAN: slab-use-after-free in hfsplus_read_wrapper+0x659/0xa0a\n[  419.946703] Read of size 2 at addr ffff88800721fc00 by task repro/10678\n[  419.947612]\n[  419.947846] CPU: 0 UID: 0 PID: 10678 Comm: repro Not tainted 6.12.0-rc5-00008-gdf56e0f2f3ca #84\n[  419.949007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014\n[  419.950035] Call Trace:\n[  419.950384]  \u003cTASK\u003e\n[  419.950676]  dump_stack_lvl+0x57/0x78\n[  419.951212]  ? hfsplus_read_wrapper+0x659/0xa0a\n[  419.951830]  print_report+0x14c/0x49e\n[  419.952361]  ? __virt_addr_valid+0x267/0x278\n[  419.952979]  ? kmem_cache_debug_flags+0xc/0x1d\n[  419.953561]  ? hfsplus_read_wrapper+0x659/0xa0a\n[  419.954231]  kasan_report+0x89/0xb0\n[  419.954748]  ? hfsplus_read_wrapper+0x659/0xa0a\n[  419.955367]  hfsplus_read_wrapper+0x659/0xa0a\n[  419.955948]  ? __pfx_hfsplus_read_wrapper+0x10/0x10\n[  419.956618]  ? do_raw_spin_unlock+0x59/0x1a9\n[  419.957214]  ? _raw_spin_unlock+0x1a/0x2e\n[  419.957772]  hfsplus_fill_super+0x348/0x1590\n[  419.958355]  ? hlock_class+0x4c/0x109\n[  419.958867]  ? __pfx_hfsplus_fill_super+0x10/0x10\n[  419.959499]  ? __pfx_string+0x10/0x10\n[  419.960006]  ? lock_acquire+0x3e2/0x454\n[  419.960532]  ? bdev_name.constprop.0+0xce/0x243\n[  419.961129]  ? __pfx_bdev_name.constprop.0+0x10/0x10\n[  419.961799]  ? pointer+0x3f0/0x62f\n[  419.962277]  ? __pfx_pointer+0x10/0x10\n[  419.962761]  ? vsnprintf+0x6c4/0xfba\n[  419.963178]  ? __pfx_vsnprintf+0x10/0x10\n[  419.963621]  ? setup_bdev_super+0x376/0x3b3\n[  419.964029]  ? snprintf+0x9d/0xd2\n[  419.964344]  ? __pfx_snprintf+0x10/0x10\n[  419.964675]  ? lock_acquired+0x45c/0x5e9\n[  419.965016]  ? set_blocksize+0x139/0x1c1\n[  419.965381]  ? sb_set_blocksize+0x6d/0xae\n[  419.965742]  ? __pfx_hfsplus_fill_super+0x10/0x10\n[  419.966179]  mount_bdev+0x12f/0x1bf\n[  419.966512]  ? __pfx_mount_bdev+0x10/0x10\n[  419.966886]  ? vfs_parse_fs_string+0xce/0x111\n[  419.967293]  ? __pfx_vfs_parse_fs_string+0x10/0x10\n[  419.967702]  ? __pfx_hfsplus_mount+0x10/0x10\n[  419.968073]  legacy_get_tree+0x104/0x178\n[  419.968414]  vfs_get_tree+0x86/0x296\n[  419.968751]  path_mount+0xba3/0xd0b\n[  419.969157]  ? __pfx_path_mount+0x10/0x10\n[  419.969594]  ? kmem_cache_free+0x1e2/0x260\n[  419.970311]  do_mount+0x99/0xe0\n[  419.970630]  ? __pfx_do_mount+0x10/0x10\n[  419.971008]  __do_sys_mount+0x199/0x1c9\n[  419.971397]  do_syscall_64+0xd0/0x135\n[  419.971761]  entry_SYSCALL_64_after_hwframe+0x76/0x7e\n[  419.972233] RIP: 0033:0x7c3cb812972e\n[  419.972564] Code: 48 8b 0d f5 46 0d 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 49 89 ca b8 a5 00 00 00 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 8b 0d c2 46 0d 00 f7 d8 64 89 01 48\n[  419.974371] RSP: 002b:00007ffe30632548 EFLAGS: 00000286 ORIG_RAX: 00000000000000a5\n[  419.975048] RAX: ffffffffffffffda RBX: 00007ffe306328d8 RCX: 00007c3cb812972e\n[  419.975701] RDX: 0000000020000000 RSI: 0000000020000c80 RDI:\n---truncated---",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-56548",
          "url": "https://www.suse.com/security/cve/CVE-2024-56548"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1234853 for CVE-2024-56548",
          "url": "https://bugzilla.suse.com/1234853"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235073 for CVE-2024-56548",
          "url": "https://bugzilla.suse.com/1235073"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235074 for CVE-2024-56548",
          "url": "https://bugzilla.suse.com/1235074"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-01-17T09:13:58Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-56548"
    },
    {
      "cve": "CVE-2024-56598",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-56598"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\njfs: array-index-out-of-bounds fix in dtReadFirst\n\nThe value of stbl can be sometimes out of bounds due\nto a bad filesystem. Added a check with appopriate return\nof error code in that case.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-56598",
          "url": "https://www.suse.com/security/cve/CVE-2024-56598"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235220 for CVE-2024-56598",
          "url": "https://bugzilla.suse.com/1235220"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235221 for CVE-2024-56598",
          "url": "https://bugzilla.suse.com/1235221"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-01-17T09:13:58Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-56598"
    },
    {
      "cve": "CVE-2024-56604",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-56604"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc()\n\nbt_sock_alloc() attaches allocated sk object to the provided sock object.\nIf rfcomm_dlc_alloc() fails, we release the sk object, but leave the\ndangling pointer in the sock object, which may cause use-after-free.\n\nFix this by swapping calls to bt_sock_alloc() and rfcomm_dlc_alloc().",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-56604",
          "url": "https://www.suse.com/security/cve/CVE-2024-56604"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235056 for CVE-2024-56604",
          "url": "https://bugzilla.suse.com/1235056"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235058 for CVE-2024-56604",
          "url": "https://bugzilla.suse.com/1235058"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-01-17T09:13:58Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-56604"
    },
    {
      "cve": "CVE-2024-56605",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-56605"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create()\n\nbt_sock_alloc() allocates the sk object and attaches it to the provided\nsock object. On error l2cap_sock_alloc() frees the sk object, but the\ndangling pointer is still attached to the sock object, which may create\nuse-after-free in other code.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-56605",
          "url": "https://www.suse.com/security/cve/CVE-2024-56605"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1234853 for CVE-2024-56605",
          "url": "https://bugzilla.suse.com/1234853"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235061 for CVE-2024-56605",
          "url": "https://bugzilla.suse.com/1235061"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235062 for CVE-2024-56605",
          "url": "https://bugzilla.suse.com/1235062"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-01-17T09:13:58Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-56605"
    },
    {
      "cve": "CVE-2024-56619",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-56619"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnilfs2: fix potential out-of-bounds memory access in nilfs_find_entry()\n\nSyzbot reported that when searching for records in a directory where the\ninode\u0027s i_size is corrupted and has a large value, memory access outside\nthe folio/page range may occur, or a use-after-free bug may be detected if\nKASAN is enabled.\n\nThis is because nilfs_last_byte(), which is called by nilfs_find_entry()\nand others to calculate the number of valid bytes of directory data in a\npage from i_size and the page index, loses the upper 32 bits of the 64-bit\nsize information due to an inappropriate type of local variable to which\nthe i_size value is assigned.\n\nThis caused a large byte offset value due to underflow in the end address\ncalculation in the calling nilfs_find_entry(), resulting in memory access\nthat exceeds the folio/page size.\n\nFix this issue by changing the type of the local variable causing the bit\nloss from \"unsigned int\" to \"u64\".  The return value of nilfs_last_byte()\nis also of type \"unsigned int\", but it is truncated so as not to exceed\nPAGE_SIZE and no bit loss occurs, so no change is required.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
          "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-56619",
          "url": "https://www.suse.com/security/cve/CVE-2024-56619"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235224 for CVE-2024-56619",
          "url": "https://bugzilla.suse.com/1235224"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1235225 for CVE-2024-56619",
          "url": "https://bugzilla.suse.com/1235225"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-default-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-ec2-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-source-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-syms-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-trace-devel-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-base-3.0.101-108.174.1.x86_64",
            "SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE:kernel-xen-devel-3.0.101-108.174.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-01-17T09:13:58Z",
          "details": "important"
        }
      ],
      "title": "CVE-2024-56619"
    }
  ]
}

WID-SEC-W-2025-0117

Vulnerability from csaf_certbund - Published: 2017-03-07 23:00 - Updated: 2025-01-19 23:00

Summary

Linux Kernel: Mehrere Schwachstellen

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff: Ein lokaler Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um administrative Privilegien zu erlangen, einen Denial of Service Angriff durchzuführen oder Sicherheitsmechanismen zu umgehen.

Betroffene Betriebssysteme: - Linux

CVE-2016-10200

Es existiert eine Schwachstelle im Linux Kernel im Zusammenhang mit der l2tp_ip6_bind() Funktion in der L2TPv3 IP Encapsulation. Ein lokaler Angreifer kann ein Racecondition auslösen, um dadurch einen Denial of Service Zustand herbeizuführen oder um seine Privilegien zu erhöhen.

Affected products

Known affected 11 products

Product	Identifier	Version
Red Hat Enterprise Linux 7 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:v.7.3:aus`	7
Ubuntu Linux 12.04 LTS Ubuntu / Linux	`cpe:/o:canonical:ubuntu_linux:12.04:-:lts`	12.04 LTS
Ubuntu Linux 16.04 LTS Ubuntu / Linux	`cpe:/o:canonical:ubuntu_linux:16.04_lts`	16.04 LTS
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Ubuntu Linux 16.10 Ubuntu / Linux	`cpe:/o:canonical:ubuntu_linux:16.10`	16.1
Red Hat Enterprise MRG 2 Red Hat / Enterprise MRG	`cpe:/a:redhat:enterprise_mrg:2.0`	2
Ubuntu Linux 14.04 LTS Ubuntu / Linux	`cpe:/o:canonical:ubuntu_linux:14.04:-:lts`	14.04 LTS
Red Hat Enterprise Linux 6 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:6`	6
Open Source Linux Kernel <4.10.1 Open Source / Linux Kernel		<4.10.1
Open Source Linux Kernel <4.8.14 Open Source / Linux Kernel		<4.8.14
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—

CVE-2017-2636

Es existiert eine Schwachstelle im Linux Kernel im Zusammenhang mit dem N_HLDC Linux kernel Treiber (drivers/tty/n_hdlc.c). Ein lokaler Angreifer kann die Schwachstelle nutzen, um administrative Privilegien erlangen oder einen Denial of Service Angriff durchführen.

Affected products

Known affected 13 products

Product	Identifier	Version
Red Hat Enterprise Linux 7 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:v.7.3:aus`	7
Ubuntu Linux 16.04 LTS Ubuntu / Linux	`cpe:/o:canonical:ubuntu_linux:16.04_lts`	16.04 LTS
Ubuntu Linux 16.10 Ubuntu / Linux	`cpe:/o:canonical:ubuntu_linux:16.10`	16.1
Ubuntu Linux 14.04 LTS Ubuntu / Linux	`cpe:/o:canonical:ubuntu_linux:14.04:-:lts`	14.04 LTS
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Ubuntu Linux 12.04 LTS Ubuntu / Linux	`cpe:/o:canonical:ubuntu_linux:12.04:-:lts`	12.04 LTS
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat Enterprise MRG 2 Red Hat / Enterprise MRG	`cpe:/a:redhat:enterprise_mrg:2.0`	2
Red Hat Enterprise Linux 6 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:6`	6
Open Source Linux Kernel <4.10.1 Open Source / Linux Kernel		<4.10.1
Open Source Linux Kernel <4.8.14 Open Source / Linux Kernel		<4.8.14
F5 Enterprise Manager 3.1.1 F5 / Enterprise Manager	`cpe:/a:f5:enterprise_manager:3.1.1`	3.1.1
F5 BIG-IP 13.0.0 F5 / BIG-IP	`cpe:/a:f5:big-ip:13.0.0`	13.0.0

CVE-2017-6590

Es existiert eine Schwachstelle im Linux Kernel in Zusammenhang mit dem network-manager-applet in GNOME. Ein Angreifer mit physikalischem Zugang zum System kann diese Schwachstelle nutzen, um Sicherheitsmechanismen zu umgehen und Zugriff auf das lokale Dateisystem eines gesperrten Clients zur erlangen. Für einen erfolgreichen Anfgriff muss Wi-fi aktiviert sein.

Affected products

Known affected 11 products

Product	Identifier	Version
Red Hat Enterprise Linux 7 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:v.7.3:aus`	7
Ubuntu Linux 12.04 LTS Ubuntu / Linux	`cpe:/o:canonical:ubuntu_linux:12.04:-:lts`	12.04 LTS
Ubuntu Linux 16.04 LTS Ubuntu / Linux	`cpe:/o:canonical:ubuntu_linux:16.04_lts`	16.04 LTS
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Ubuntu Linux 16.10 Ubuntu / Linux	`cpe:/o:canonical:ubuntu_linux:16.10`	16.1
Red Hat Enterprise MRG 2 Red Hat / Enterprise MRG	`cpe:/a:redhat:enterprise_mrg:2.0`	2
Ubuntu Linux 14.04 LTS Ubuntu / Linux	`cpe:/o:canonical:ubuntu_linux:14.04:-:lts`	14.04 LTS
Red Hat Enterprise Linux 6 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:6`	6
Open Source Linux Kernel <4.10.1 Open Source / Linux Kernel		<4.10.1
Open Source Linux Kernel <4.8.14 Open Source / Linux Kernel		<4.8.14
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—

References

68 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.ubuntu.com/usn/usn-3218-1/	external
https://www.ubuntu.com/usn/usn-3219-1/	external
https://www.ubuntu.com/usn/usn-3220-1/	external
https://www.ubuntu.com/usn/usn-3221-1/	external
https://www.ubuntu.com/usn/usn-3217-1/	external
http://seclists.org/oss-sec/2017/q1/569	external
https://access.redhat.com/security/cve/CVE-2017-2636	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
http://linux.oracle.com/errata/ELSA-2017-3533.html	external
http://linux.oracle.com/errata/ELSA-2017-3534.html	external
http://linux.oracle.com/errata/ELSA-2017-3535.html	external
https://lists.opensuse.org/opensuse-security-anno…	external
https://lists.opensuse.org/opensuse-security-anno…	external
https://access.redhat.com/errata/RHSA-2017:0892	external
http://linux.oracle.com/errata/ELSA-2017-0892.html	external
https://access.redhat.com/errata/RHSA-2017:0933	external
https://access.redhat.com/errata/RHSA-2017:0931	external
https://access.redhat.com/errata/RHSA-2017:0932	external
http://linux.oracle.com/errata/ELSA-2017-0933.html	external
https://access.redhat.com/errata/RHSA-2017:0986	external
https://access.redhat.com/errata/RHSA-2017:1126	external
https://access.redhat.com/errata/RHSA-2017:1125	external
https://support.f5.com/csp/article/K68852819	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
http://linux.oracle.com/errata/ELSA-2017-3567.html	external
https://access.redhat.com/errata/RHSA-2017:1233	external
https://access.redhat.com/errata/RHSA-2017:1232	external
https://www.suse.com/support/update/announcement/…	external
https://access.redhat.com/errata/RHSA-2017:1488	external
https://www.suse.com/support/update/announcement/…	external
https://access.redhat.com/errata/RHSA-2017:2077	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://www.suse.com/support/update/announcement/…	external
https://access.redhat.com/errata/RHSA-2017:2444	external
https://access.redhat.com/errata/RHSA-2017:2437	external
http://linux.oracle.com/errata/ELSA-2017-3605.html	external
http://linux.oracle.com/errata/ELSA-2017-3606.html	external
http://linux.oracle.com/errata/ELSA-2017-3609.html	external
https://www.suse.com/support/update/announcement/…	external
http://www.ubuntu.com/usn/usn-3422-2/	external
http://www.ubuntu.com/usn/usn-3422-1/	external
https://www.suse.com/support/update/announcement/…	external
http://linux.oracle.com/errata/ELSA-2017-3658.html	external
http://linux.oracle.com/errata/ELSA-2018-4021.html	external
https://support.f5.com/csp/article/K18015201	external
http://linux.oracle.com/errata/ELSA-2018-1854.html	external
https://lists.suse.com/pipermail/sle-security-upd…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um administrative Privilegien zu erlangen, einen Denial of Service Angriff durchzuf\u00fchren oder Sicherheitsmechanismen zu umgehen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2025-0117 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2017/wid-sec-w-2025-0117.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2025-0117 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0117"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-3218 vom 2017-03-07",
        "url": "https://www.ubuntu.com/usn/usn-3218-1/"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-3219 vom 2017-03-07",
        "url": "https://www.ubuntu.com/usn/usn-3219-1/"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-3220 vom 2017-03-07",
        "url": "https://www.ubuntu.com/usn/usn-3220-1/"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-3221 vom 2017-03-07",
        "url": "https://www.ubuntu.com/usn/usn-3221-1/"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-3217 vom 2017-03-07",
        "url": "https://www.ubuntu.com/usn/usn-3217-1/"
      },
      {
        "category": "external",
        "summary": "Meldung auf der oss-sec Mailliste vom 2017-03-07",
        "url": "http://seclists.org/oss-sec/2017/q1/569"
      },
      {
        "category": "external",
        "summary": "Eintrag im Red Hat CVE Database CVE-2017-2336 vom 2017-03-07",
        "url": "https://access.redhat.com/security/cve/CVE-2017-2636"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:0864-1 vom 2017-03-30",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170864-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:0866-1 vom 2017-03-30",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170866-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:0865-1 vom 2017-03-30",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20170865-1.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2017-3533 vom 2017-04-01",
        "url": "http://linux.oracle.com/errata/ELSA-2017-3533.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2017-3534 vom 2017-04-01",
        "url": "http://linux.oracle.com/errata/ELSA-2017-3534.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2017-3535 vom 2017-04-01",
        "url": "http://linux.oracle.com/errata/ELSA-2017-3535.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:0913-1 vom 2017-04-03",
        "url": "https://lists.opensuse.org/opensuse-security-announce/2017-04/msg00005.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:0912-1 vom 2017-04-03",
        "url": "https://lists.opensuse.org/opensuse-security-announce/2017-04/msg00004.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2017:0892 vom 2017-04-11",
        "url": "https://access.redhat.com/errata/RHSA-2017:0892"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2017-0892 vom 2017-04-11",
        "url": "http://linux.oracle.com/errata/ELSA-2017-0892.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2017:0933 vom 2017-04-12",
        "url": "https://access.redhat.com/errata/RHSA-2017:0933"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2017:0931 vom 2017-04-12",
        "url": "https://access.redhat.com/errata/RHSA-2017:0931"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2017:0932 vom 2017-04-12",
        "url": "https://access.redhat.com/errata/RHSA-2017:0932"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2017-0933 vom 2017-04-13",
        "url": "http://linux.oracle.com/errata/ELSA-2017-0933.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2017:0986 vom 2017-04-18",
        "url": "https://access.redhat.com/errata/RHSA-2017:0986"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2017:1126 vom 2017-04-25",
        "url": "https://access.redhat.com/errata/RHSA-2017:1126"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2017:1125 vom 2017-04-25",
        "url": "https://access.redhat.com/errata/RHSA-2017:1125"
      },
      {
        "category": "external",
        "summary": "F5 Security Advisory K68852819 vom 2017-05-02",
        "url": "https://support.f5.com/csp/article/K68852819"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:1183-1 vom 2017-05-06",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20171183-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:1247-1 vom 2017-05-12",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20171247-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:1301-1 vom 2017-05-16",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20171301-1.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2017-3567 vom 2017-05-16",
        "url": "http://linux.oracle.com/errata/ELSA-2017-3567.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2017:1233 vom 2017-05-16",
        "url": "https://access.redhat.com/errata/RHSA-2017:1233"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2017:1232 vom 2017-05-16",
        "url": "https://access.redhat.com/errata/RHSA-2017:1232"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:1360-1 vom 2017-05-20",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20171360-1.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2017:1488 vom 2017-06-19",
        "url": "https://access.redhat.com/errata/RHSA-2017:1488"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:1990-1 vom 2017-07-28",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20171990-1.html"
      },
      {
        "category": "external",
        "summary": "RedHat Security Advisory RHSA-2017:2077",
        "url": "https://access.redhat.com/errata/RHSA-2017:2077"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:2049-1 vom 2017-08-05",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172049-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:2043-1 vom 2017-08-05",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172043-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:2060-1 vom 2017-08-07",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172060-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:2061-1 vom 2017-08-07",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172061-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:2068-1 vom 2017-08-07",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172068-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:2067-1 vom 2017-08-07",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172067-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:2063-1 vom 2017-08-07",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172063-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:2065-1 vom 2017-08-07",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172065-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:2062-1 vom 2017-08-07",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172062-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:2073-1 vom 2017-08-08",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172073-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:2072-1 vom 2017-08-08",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172072-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:2095-1 vom 2017-08-09",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172095-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:2093-1 vom 2017-08-09",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172093-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:2088-1 vom 2017-08-09",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172088-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:2092-1 vom 2017-08-09",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172092-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:2099-1 vom 2017-08-09",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172099-1.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:2096-1 vom 2017-08-09",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172096-1.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2017:2444 vom 2017-08-08",
        "url": "https://access.redhat.com/errata/RHSA-2017:2444"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2017:2437 vom 2017-08-08",
        "url": "https://access.redhat.com/errata/RHSA-2017:2437"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2017-3605 vom 2017-08-17",
        "url": "http://linux.oracle.com/errata/ELSA-2017-3605.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2017-3606 vom 2017-08-18",
        "url": "http://linux.oracle.com/errata/ELSA-2017-3606.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2017-3609 vom 2017-08-24",
        "url": "http://linux.oracle.com/errata/ELSA-2017-3609.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:2342-1 vom 2017-09-05",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172342-1.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-3422-1 vom 2017-09-19",
        "url": "http://www.ubuntu.com/usn/usn-3422-2/"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-3422-1 vom 2017-09-19",
        "url": "http://www.ubuntu.com/usn/usn-3422-1/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2017:2525-1 vom 2017-09-19",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172525-1.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2017-3658 vom 2017-12-08",
        "url": "http://linux.oracle.com/errata/ELSA-2017-3658.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2018-4021 vom 2018-01-28",
        "url": "http://linux.oracle.com/errata/ELSA-2018-4021.html"
      },
      {
        "category": "external",
        "summary": "F5 Security Advisory K18015201 vom 2018-04-03",
        "url": "https://support.f5.com/csp/article/K18015201"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2018-1854 vom 2018-06-26",
        "url": "http://linux.oracle.com/errata/ELSA-2018-1854.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:0152-1 vom 2025-01-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-January/020152.html"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-01-19T23:00:00.000+00:00",
      "generator": {
        "date": "2025-01-20T09:28:13.447+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.10"
        }
      },
      "id": "WID-SEC-W-2025-0117",
      "initial_release_date": "2017-03-07T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2017-03-07T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initial Release"
        },
        {
          "date": "2017-03-07T23:00:00.000+00:00",
          "number": "2",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2017-03-07T23:00:00.000+00:00",
          "number": "3",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2017-03-09T23:00:00.000+00:00",
          "number": "4",
          "summary": "CVE added"
        },
        {
          "date": "2017-03-09T23:00:00.000+00:00",
          "number": "5",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2017-03-09T23:00:00.000+00:00",
          "number": "6",
          "summary": "Added references"
        },
        {
          "date": "2017-04-02T22:00:00.000+00:00",
          "number": "7",
          "summary": "New remediations available"
        },
        {
          "date": "2017-04-03T22:00:00.000+00:00",
          "number": "8",
          "summary": "New remediations available"
        },
        {
          "date": "2017-04-11T22:00:00.000+00:00",
          "number": "9",
          "summary": "New remediations available"
        },
        {
          "date": "2017-04-12T22:00:00.000+00:00",
          "number": "10",
          "summary": "New remediations available"
        },
        {
          "date": "2017-04-18T22:00:00.000+00:00",
          "number": "11",
          "summary": "New remediations available"
        },
        {
          "date": "2017-04-25T22:00:00.000+00:00",
          "number": "12",
          "summary": "New remediations available"
        },
        {
          "date": "2017-05-01T22:00:00.000+00:00",
          "number": "13",
          "summary": "New remediations available"
        },
        {
          "date": "2017-05-07T22:00:00.000+00:00",
          "number": "14",
          "summary": "New remediations available"
        },
        {
          "date": "2017-05-11T22:00:00.000+00:00",
          "number": "15",
          "summary": "New remediations available"
        },
        {
          "date": "2017-05-15T22:00:00.000+00:00",
          "number": "16",
          "summary": "New remediations available"
        },
        {
          "date": "2017-05-16T22:00:00.000+00:00",
          "number": "17",
          "summary": "New remediations available"
        },
        {
          "date": "2017-05-21T22:00:00.000+00:00",
          "number": "18",
          "summary": "New remediations available"
        },
        {
          "date": "2017-06-19T22:00:00.000+00:00",
          "number": "19",
          "summary": "New remediations available"
        },
        {
          "date": "2017-07-09T22:00:00.000+00:00",
          "number": "20",
          "summary": "Added references"
        },
        {
          "date": "2017-08-01T22:00:00.000+00:00",
          "number": "21",
          "summary": "New remediations available"
        },
        {
          "date": "2017-08-06T22:00:00.000+00:00",
          "number": "22",
          "summary": "New remediations available"
        },
        {
          "date": "2017-08-07T22:00:00.000+00:00",
          "number": "23",
          "summary": "New remediations available"
        },
        {
          "date": "2017-08-08T22:00:00.000+00:00",
          "number": "24",
          "summary": "New remediations available"
        },
        {
          "date": "2017-08-08T22:00:00.000+00:00",
          "number": "25",
          "summary": "New remediations available"
        },
        {
          "date": "2017-08-08T22:00:00.000+00:00",
          "number": "26",
          "summary": "New remediations available"
        },
        {
          "date": "2017-08-17T22:00:00.000+00:00",
          "number": "27",
          "summary": "New remediations available"
        },
        {
          "date": "2017-08-20T22:00:00.000+00:00",
          "number": "28",
          "summary": "New remediations available"
        },
        {
          "date": "2017-08-23T22:00:00.000+00:00",
          "number": "29",
          "summary": "New remediations available"
        },
        {
          "date": "2017-09-04T22:00:00.000+00:00",
          "number": "30",
          "summary": "New remediations available"
        },
        {
          "date": "2017-09-18T22:00:00.000+00:00",
          "number": "31",
          "summary": "New remediations available"
        },
        {
          "date": "2017-09-19T22:00:00.000+00:00",
          "number": "32",
          "summary": "New remediations available"
        },
        {
          "date": "2017-12-10T23:00:00.000+00:00",
          "number": "33",
          "summary": "New remediations available"
        },
        {
          "date": "2017-12-10T23:00:00.000+00:00",
          "number": "34",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2018-01-28T23:00:00.000+00:00",
          "number": "35",
          "summary": "New remediations available"
        },
        {
          "date": "2018-04-03T22:00:00.000+00:00",
          "number": "36",
          "summary": "New remediations available"
        },
        {
          "date": "2018-04-03T22:00:00.000+00:00",
          "number": "37",
          "summary": "Version nicht vorhanden"
        },
        {
          "date": "2018-06-26T22:00:00.000+00:00",
          "number": "38",
          "summary": "New remediations available"
        },
        {
          "date": "2025-01-19T23:00:00.000+00:00",
          "number": "39",
          "summary": "Neue Updates von SUSE aufgenommen"
        }
      ],
      "status": "final",
      "version": "39"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "13.0.0",
                "product": {
                  "name": "F5 BIG-IP 13.0.0",
                  "product_id": "T009498",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:f5:big-ip:13.0.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "BIG-IP"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "3.1.1",
                "product": {
                  "name": "F5 Enterprise Manager 3.1.1",
                  "product_id": "269870",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:f5:enterprise_manager:3.1.1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Enterprise Manager"
          }
        ],
        "category": "vendor",
        "name": "F5"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c4.8.14",
                "product": {
                  "name": "Open Source Linux Kernel \u003c4.8.14",
                  "product_id": "T009131"
                }
              },
              {
                "category": "product_version",
                "name": "4.8.14",
                "product": {
                  "name": "Open Source Linux Kernel 4.8.14",
                  "product_id": "T009131-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:linux:linux_kernel:4.8.14"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c4.10.1",
                "product": {
                  "name": "Open Source Linux Kernel \u003c4.10.1",
                  "product_id": "T009484"
                }
              },
              {
                "category": "product_version",
                "name": "4.10.1",
                "product": {
                  "name": "Open Source Linux Kernel 4.10.1",
                  "product_id": "T009484-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:linux:linux_kernel:4.10.1"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Linux Kernel"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "6",
                "product": {
                  "name": "Red Hat Enterprise Linux 6",
                  "product_id": "120737",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:6"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7",
                "product": {
                  "name": "Red Hat Enterprise Linux 7",
                  "product_id": "T008931",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:v.7.3:aus"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "2",
                "product": {
                  "name": "Red Hat Enterprise MRG 2",
                  "product_id": "152304",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:enterprise_mrg:2.0"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Enterprise MRG"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "12.04 LTS",
                "product": {
                  "name": "Ubuntu Linux 12.04 LTS",
                  "product_id": "170497",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "14.04 LTS",
                "product": {
                  "name": "Ubuntu Linux 14.04 LTS",
                  "product_id": "T003005",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:canonical:ubuntu_linux:14.04:-:lts"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "16.04 LTS",
                "product": {
                  "name": "Ubuntu Linux 16.04 LTS",
                  "product_id": "T007521",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:canonical:ubuntu_linux:16.04_lts"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "16.1",
                "product": {
                  "name": "Ubuntu Linux 16.10",
                  "product_id": "T008726",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:canonical:ubuntu_linux:16.10"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Linux"
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2016-10200",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle im Linux Kernel im Zusammenhang mit der l2tp_ip6_bind() Funktion in der L2TPv3 IP Encapsulation. Ein lokaler Angreifer kann ein Racecondition ausl\u00f6sen, um dadurch einen Denial of Service Zustand herbeizuf\u00fchren oder um seine Privilegien zu erh\u00f6hen."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008931",
          "170497",
          "T007521",
          "T002207",
          "T008726",
          "152304",
          "T003005",
          "120737",
          "T009484",
          "T009131",
          "T004914"
        ]
      },
      "release_date": "2017-03-07T23:00:00.000+00:00",
      "title": "CVE-2016-10200"
    },
    {
      "cve": "CVE-2017-2636",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle im Linux Kernel im Zusammenhang mit dem N_HLDC Linux kernel Treiber (drivers/tty/n_hdlc.c). Ein lokaler Angreifer kann die Schwachstelle nutzen, um administrative Privilegien erlangen oder einen Denial of Service Angriff durchf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008931",
          "T007521",
          "T008726",
          "T003005",
          "T004914",
          "170497",
          "T002207",
          "152304",
          "120737",
          "T009484",
          "T009131",
          "269870",
          "T009498"
        ]
      },
      "release_date": "2017-03-07T23:00:00.000+00:00",
      "title": "CVE-2017-2636"
    },
    {
      "cve": "CVE-2017-6590",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle im Linux Kernel in Zusammenhang mit dem network-manager-applet in GNOME. Ein Angreifer mit physikalischem Zugang zum System kann diese Schwachstelle nutzen, um Sicherheitsmechanismen zu umgehen und Zugriff auf das lokale Dateisystem eines gesperrten Clients zur erlangen. F\u00fcr einen erfolgreichen Anfgriff muss Wi-fi aktiviert sein."
        }
      ],
      "product_status": {
        "known_affected": [
          "T008931",
          "170497",
          "T007521",
          "T002207",
          "T008726",
          "152304",
          "T003005",
          "120737",
          "T009484",
          "T009131",
          "T004914"
        ]
      },
      "release_date": "2017-03-07T23:00:00.000+00:00",
      "title": "CVE-2017-6590"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-2636 (GCVE-0-2017-2636)

Tags

Sightings

Nomenclature