Vulnerability-Lookup

CVE-2017-7518 (GCVE-0-2017-7518)

Vulnerability from cvelistv5 – Published: 2018-07-30 13:00 – Updated: 2024-08-05 16:04

Summary

A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this.

Severity

5.5 (Medium)


                        
                          CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CWE

CWE-250

Assigner

redhat

References

12 references

URL	Tags
https://access.redhat.com/errata/RHSA-2018:0412	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/articles/3290921	x_refsource_CONFIRM
https://usn.ubuntu.com/3619-2/	vendor-advisoryx_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2018:0395	vendor-advisoryx_refsource_REDHAT
https://usn.ubuntu.com/3754-1/	vendor-advisoryx_refsource_UBUNTU
http://www.securitytracker.com/id/1038782	vdb-entryx_refsource_SECTRACK
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2…	x_refsource_CONFIRM
http://www.openwall.com/lists/oss-security/2017/06/23/5	mailing-listx_refsource_MLIST
https://usn.ubuntu.com/3619-1/	vendor-advisoryx_refsource_UBUNTU
https://www.debian.org/security/2017/dsa-3981	vendor-advisoryx_refsource_DEBIAN
https://www.spinics.net/lists/kvm/msg151817.html	mailing-listx_refsource_MLIST
http://www.securityfocus.com/bid/99263	vdb-entryx_refsource_BID

Impacted products

1 product

Vendor	Product	Version
[UNKNOWN]	Kernel:	Affected: 4.12

Date Public

2017-06-22 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T16:04:11.892Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2018:0412",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:0412"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/articles/3290921"
          },
          {
            "name": "USN-3619-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3619-2/"
          },
          {
            "name": "RHSA-2018:0395",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2018:0395"
          },
          {
            "name": "USN-3754-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3754-1/"
          },
          {
            "name": "1038782",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1038782"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7518"
          },
          {
            "name": "[oss-security] 20170623 CVE-2017-7518 Kernel: KVM: debug exception via syscall emulation",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2017/06/23/5"
          },
          {
            "name": "USN-3619-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/3619-1/"
          },
          {
            "name": "DSA-3981",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2017/dsa-3981"
          },
          {
            "name": "[kvm] 20170622 [PATCH] KVM: x86: fix singlestepping over syscall",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://www.spinics.net/lists/kvm/msg151817.html"
          },
          {
            "name": "99263",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/99263"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Kernel:",
          "vendor": "[UNKNOWN]",
          "versions": [
            {
              "status": "affected",
              "version": "4.12"
            }
          ]
        }
      ],
      "datePublic": "2017-06-22T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-250",
              "description": "CWE-250",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-08-24T09:57:01.000Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2018:0412",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:0412"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://access.redhat.com/articles/3290921"
        },
        {
          "name": "USN-3619-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3619-2/"
        },
        {
          "name": "RHSA-2018:0395",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2018:0395"
        },
        {
          "name": "USN-3754-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3754-1/"
        },
        {
          "name": "1038782",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1038782"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7518"
        },
        {
          "name": "[oss-security] 20170623 CVE-2017-7518 Kernel: KVM: debug exception via syscall emulation",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2017/06/23/5"
        },
        {
          "name": "USN-3619-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/3619-1/"
        },
        {
          "name": "DSA-3981",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "https://www.debian.org/security/2017/dsa-3981"
        },
        {
          "name": "[kvm] 20170622 [PATCH] KVM: x86: fix singlestepping over syscall",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://www.spinics.net/lists/kvm/msg151817.html"
        },
        {
          "name": "99263",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/99263"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2017-7518",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Kernel:",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "4.12"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "[UNKNOWN]"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this."
            }
          ]
        },
        "impact": {
          "cvss": [
            [
              {
                "vectorString": "5.5/CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            ],
            [
              {
                "vectorString": "5.4/AV:A/AC:M/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ]
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-250"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2018:0412",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:0412"
            },
            {
              "name": "https://access.redhat.com/articles/3290921",
              "refsource": "CONFIRM",
              "url": "https://access.redhat.com/articles/3290921"
            },
            {
              "name": "USN-3619-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3619-2/"
            },
            {
              "name": "RHSA-2018:0395",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2018:0395"
            },
            {
              "name": "USN-3754-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3754-1/"
            },
            {
              "name": "1038782",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1038782"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7518",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7518"
            },
            {
              "name": "[oss-security] 20170623 CVE-2017-7518 Kernel: KVM: debug exception via syscall emulation",
              "refsource": "MLIST",
              "url": "http://www.openwall.com/lists/oss-security/2017/06/23/5"
            },
            {
              "name": "USN-3619-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/3619-1/"
            },
            {
              "name": "DSA-3981",
              "refsource": "DEBIAN",
              "url": "https://www.debian.org/security/2017/dsa-3981"
            },
            {
              "name": "[kvm] 20170622 [PATCH] KVM: x86: fix singlestepping over syscall",
              "refsource": "MLIST",
              "url": "https://www.spinics.net/lists/kvm/msg151817.html"
            },
            {
              "name": "99263",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/99263"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2017-7518",
    "datePublished": "2018-07-30T13:00:00.000Z",
    "dateReserved": "2017-04-05T00:00:00.000Z",
    "dateUpdated": "2024-08-05T16:04:11.892Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2017-7518",
      "date": "2026-05-26",
      "epss": "0.0009",
      "percentile": "0.25347"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"33C068A4-3780-4EAB-A937-6082DF847564\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"51EF4996-72F4-4FA4-814F-F5991E7A8318\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D99A687E-EAE6-417E-A88E-D0082BC194CD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"B5A6F2F3-4894-4392-8296-3B8DD2679084\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"4.12\", \"matchCriteriaId\": \"D9BBDA7A-EA95-41C5-8F4C-CA458BCB7E1F\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this.\"}, {\"lang\": \"es\", \"value\": \"Se ha detectado un error en el kernel de Linux en versiones anteriores a la 4.12 en la forma en la que el m\\u00f3dulo KVM proces\\u00f3 el bit trap flag(TF) en EFLAGS durante la emulaci\\u00f3n de la instrucci\\u00f3n de la llamada del sistema, lo que conduce a que se lance una excepci\\u00f3n de depuraci\\u00f3n (#DB) en la pila invitada. Un usuario/proceso en un invitado podr\\u00eda utilizar este error para escalar sus privilegios en el invitado. Los invitados de Linux no se han visto afectados por esto.\"}]",
      "id": "CVE-2017-7518",
      "lastModified": "2024-11-21T03:32:03.680",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"ADJACENT_NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 2.1, \"impactScore\": 3.4}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 4.6, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.9, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2018-07-30T15:29:00.560",
      "references": "[{\"url\": \"http://www.openwall.com/lists/oss-security/2017/06/23/5\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/99263\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1038782\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/articles/3290921\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Permissions Required\", \"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0395\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0412\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7518\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3619-1/\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3619-2/\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3754-1/\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2017/dsa-3981\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.spinics.net/lists/kvm/msg151817.html\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Mailing List\", \"Patch\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2017/06/23/5\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/99263\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1038782\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/articles/3290921\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\", \"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0395\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:0412\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7518\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3619-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3619-2/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3754-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2017/dsa-3981\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.spinics.net/lists/kvm/msg151817.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\"]}]",
      "sourceIdentifier": "secalert@redhat.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-250\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-755\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-7518\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2018-07-30T15:29:00.560\",\"lastModified\":\"2024-11-21T03:32:03.680\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this.\"},{\"lang\":\"es\",\"value\":\"Se ha detectado un error en el kernel de Linux en versiones anteriores a la 4.12 en la forma en la que el m\u00f3dulo KVM proces\u00f3 el bit trap flag(TF) en EFLAGS durante la emulaci\u00f3n de la instrucci\u00f3n de la llamada del sistema, lo que conduce a que se lance una excepci\u00f3n de depuraci\u00f3n (#DB) en la pila invitada. Un usuario/proceso en un invitado podr\u00eda utilizar este error para escalar sus privilegios en el invitado. Los invitados de Linux no se han visto afectados por esto.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.1,\"impactScore\":3.4},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":4.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-250\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-755\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33C068A4-3780-4EAB-A937-6082DF847564\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51EF4996-72F4-4FA4-814F-F5991E7A8318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D99A687E-EAE6-417E-A88E-D0082BC194CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.12\",\"matchCriteriaId\":\"D9BBDA7A-EA95-41C5-8F4C-CA458BCB7E1F\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2017/06/23/5\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/99263\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1038782\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/articles/3290921\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0395\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0412\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7518\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3619-1/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3619-2/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3754-1/\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2017/dsa-3981\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.spinics.net/lists/kvm/msg151817.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2017/06/23/5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/99263\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1038782\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/articles/3290921\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0395\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0412\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7518\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3619-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3619-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3754-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2017/dsa-3981\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.spinics.net/lists/kvm/msg151817.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]}]}}"
  }
}

SUSE-SU-2017:2920-1

Vulnerability from csaf_suse - Published: 2017-11-02 13:02 - Updated: 2017-11-02 13:02

Summary

Security update for the Linux Kernel

Severity

Important

Notes

Title of the patch: Security update for the Linux Kernel

Description of the patch: The SUSE Linux Enterprise 12 GA LTS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-15649: net/packet/af_packet.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346 (bnc#1064388). - CVE-2015-9004: kernel/events/core.c in the Linux kernel mishandled counter grouping, which allowed local users to gain privileges via a crafted application, related to the perf_pmu_register and perf_event_open functions (bnc#1037306). - CVE-2016-10229: udp.c in the Linux kernel allowed remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag (bnc#1032268). - CVE-2016-9604: The handling of keyrings starting with '.' in KEYCTL_JOIN_SESSION_KEYRING, which could have allowed local users to manipulate privileged keyrings, was fixed (bsc#1035576) - CVE-2017-1000363: Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, where due to a vulnerability the adversary has partial control over the command line) can overflow the parport_nr array in the following code, by appending many (>LP_NO) 'lp=none' arguments to the command line (bnc#1039456). - CVE-2017-1000365: The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but did not take the argument and environment pointers into account, which allowed attackers to bypass this limitation. (bnc#1039354). - CVE-2017-1000380: sound/core/timer.c in the Linux kernel is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time (bnc#1044125). - CVE-2017-10661: Race condition in fs/timerfd.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing (bnc#1053152). - CVE-2017-11176: The mq_notify function in the Linux kernel did not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allowed attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact (bnc#1048275). - CVE-2017-12153: A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel This function did not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash (bnc#1058410). - CVE-2017-12154: The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel did not ensure that the 'CR8-load exiting' and 'CR8-store exiting' L0 vmcs02 controls exist in cases where L1 omits the 'use TPR shadow' vmcs12 control, which allowed KVM L2 guest OS users to obtain read and write access to the hardware CR8 register (bnc#1058507). - CVE-2017-12762: In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. (bnc#1053148). - CVE-2017-13080: Wi-Fi Protected Access (WPA and WPA2) allowed reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients (bnc#1063667). - CVE-2017-14051: An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel allowed local users to cause a denial of service (memory corruption and system crash) by leveraging root access (bnc#1056588). - CVE-2017-14106: The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel allowed local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path (bnc#1056982). - CVE-2017-14140: The move_pages system call in mm/migrate.c in the Linux kernel doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR (bnc#1057179). - CVE-2017-15265: Use-after-free vulnerability in the Linux kernel allowed local users to have unspecified impact via vectors related to /dev/snd/seq (bnc#1062520). - CVE-2017-15274: security/keys/keyctl.c in the Linux kernel did not consider the case of a NULL payload in conjunction with a nonzero length value, which allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192 (bnc#1045327). - CVE-2017-2647: The KEYS subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c (bnc#1030593). - CVE-2017-6951: The keyring_search_aux function in security/keys/keyring.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the 'dead' type (bnc#1029850). - CVE-2017-7482: A potential memory corruption was fixed in decoding of krb5 principals in the kernels kerberos handling. (bnc#1046107). - CVE-2017-7487: The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel mishandled reference counts, which allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface (bnc#1038879). - CVE-2017-7518: The Linux kernel was vulnerable to an incorrect debug exception(#DB) error. It could occur while emulating a syscall instruction and potentially lead to guest privilege escalation. (bsc#1045922). - CVE-2017-7541: The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel allowed local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet (bnc#1049645). - CVE-2017-7542: The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel allowed local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket (bnc#1049882). - CVE-2017-7889: The mm subsystem in the Linux kernel did not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allowed local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c (bnc#1034405). - CVE-2017-8106: The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 allowed privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer (bnc#1035877). - CVE-2017-8831: The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a 'double fetch' vulnerability (bnc#1037994). - CVE-2017-8890: The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call (bnc#1038544). - CVE-2017-8924: The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel allowed local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow (bnc#1037182 bsc#1038982). - CVE-2017-8925: The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel allowed local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling (bnc#1037183 bsc#1038981). - CVE-2017-9074: The IPv6 fragmentation implementation in the Linux kernel did not consider that the nexthdr field may be associated with an invalid option, which allowed local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls (bnc#1039882). - CVE-2017-9075: The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039883). - CVE-2017-9076: The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039885). - CVE-2017-9077: The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1040069). - CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bnc#1041431). The following non-security bugs were fixed: - btrfs: Fix a data space underflow warning (bsc#985562, bsc#975596, bsc#984779, bsc#1008353, bsc#1017941). - dm-mpath: always return reservation conflict. bsc#938162 - getcwd: Close race with d_move called by lustre (bsc#1052593). - ipv4: Should use consistent conditional judgement for ip fragment in __ip_append_data and ip_finish_output (bsc#1041958). - ipv6: Should use consistent conditional judgement for ip6 fragment between __ip6_append_data and ip6_finish_output (bsc#1041958). - kabi: avoid bogus kabi errors in ip_output.c (bsc#1041958). - keys: Disallow keyrings beginning with '.' to be joined as session keyrings (bnc#1035576). - mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack (bnc#1039348). - net: account for current skb length when deciding about UFO (bsc#1041958). - nfsd4: minor NFSv2/v3 write decoding cleanup (bsc#1034670 CVE#2017-7645). - nfsd: check for oversized NFSv2/v3 arguments (bsc#1034670 CVE#2017-7645). - nfsd: stricter decoding of write-like NFSv2/v3 ops (bsc#1034670 CVE#2017-7645). - printk: prevent userland from spoofing kernel messages (bsc#1039721). - reiserfs: do not preallocate blocks for extended attributes (bsc#990682). - tcp: do not inherit fastopen_req from parent (bsc#1038544). - udp: disallow UFO for sockets with SO_NO_CHECK option (bsc#1041958). - usb: wusbcore: fix NULL-deref at probe (bsc#1045487). - vsock: Detach QP check should filter out non matching QPs (bsc#1036752 bsc#1047408). - vsock: Fix lockdep issue (bsc#977417 bsc#1047408). - vsock: sock_put wasn't safe to call in interrupt context (bsc#977417 bsc#1047408). - xfs: XFS_IS_REALTIME_INODE() should be false if no rt device present (bsc#1058524).

Patchnames: SUSE-SLE-Module-Public-Cloud-12-2017-1808,SUSE-SLE-SERVER-12-2017-1808

CVE-2015-9004

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2016-10229

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact critical

CVE-2016-9604

4.4 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-1000363

6.8 (Medium)


                        
                          CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-1000365

2.9 (Low)


                        
                          CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2017-1000380

4 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2017-10661

7.4 (High)


                        
                          CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-11176

7.3 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-12153

4.4 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-12154

5.6 (Medium)


                        
                          CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-12762

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-13080

8.1 (High)


                        
                          CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-14051

6.4 (Medium)


                        
                          CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-14106

5.5 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-14140

3.3 (Low)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2017-15265

5.5 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2017-15274

5.5 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2017-15649

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-2647

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-6951

5.5 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-7482

6.6 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-7487

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-7518

5.3 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-7541

6.2 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-7542

6.2 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-7889

5.9 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-8106

5.5 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2017-8831

6.7 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-8890

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-8924

4 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2017-8925

4 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2017-9074

5.5 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-9075

5.5 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-9076

6.2 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-9077

5.5 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-9242

7.8 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 24 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64	—	Vendor Fix

Threats

Impact important

References

235 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1008353	self
https://bugzilla.suse.com/1012422	self
https://bugzilla.suse.com/1017941	self
https://bugzilla.suse.com/1029850	self
https://bugzilla.suse.com/1030593	self
https://bugzilla.suse.com/1032268	self
https://bugzilla.suse.com/1034405	self
https://bugzilla.suse.com/1034670	self
https://bugzilla.suse.com/1035576	self
https://bugzilla.suse.com/1035877	self
https://bugzilla.suse.com/1036752	self
https://bugzilla.suse.com/1037182	self
https://bugzilla.suse.com/1037183	self
https://bugzilla.suse.com/1037306	self
https://bugzilla.suse.com/1037994	self
https://bugzilla.suse.com/1038544	self
https://bugzilla.suse.com/1038879	self
https://bugzilla.suse.com/1038981	self
https://bugzilla.suse.com/1038982	self
https://bugzilla.suse.com/1039348	self
https://bugzilla.suse.com/1039349	self
https://bugzilla.suse.com/1039354	self
https://bugzilla.suse.com/1039456	self
https://bugzilla.suse.com/1039721	self
https://bugzilla.suse.com/1039882	self
https://bugzilla.suse.com/1039883	self
https://bugzilla.suse.com/1039885	self
https://bugzilla.suse.com/1040069	self
https://bugzilla.suse.com/1041431	self
https://bugzilla.suse.com/1041958	self
https://bugzilla.suse.com/1044125	self
https://bugzilla.suse.com/1045327	self
https://bugzilla.suse.com/1045487	self
https://bugzilla.suse.com/1045922	self
https://bugzilla.suse.com/1046107	self
https://bugzilla.suse.com/1047408	self
https://bugzilla.suse.com/1048275	self
https://bugzilla.suse.com/1049645	self
https://bugzilla.suse.com/1049882	self
https://bugzilla.suse.com/1052593	self
https://bugzilla.suse.com/1053148	self
https://bugzilla.suse.com/1053152	self
https://bugzilla.suse.com/1056588	self
https://bugzilla.suse.com/1056982	self
https://bugzilla.suse.com/1057179	self
https://bugzilla.suse.com/1058038	self
https://bugzilla.suse.com/1058410	self
https://bugzilla.suse.com/1058507	self
https://bugzilla.suse.com/1058524	self
https://bugzilla.suse.com/1062520	self
https://bugzilla.suse.com/1063667	self
https://bugzilla.suse.com/1064388	self
https://bugzilla.suse.com/938162	self
https://bugzilla.suse.com/975596	self
https://bugzilla.suse.com/977417	self
https://bugzilla.suse.com/984779	self
https://bugzilla.suse.com/985562	self
https://bugzilla.suse.com/990682	self
https://www.suse.com/security/cve/CVE-2015-9004/	self
https://www.suse.com/security/cve/CVE-2016-10229/	self
https://www.suse.com/security/cve/CVE-2016-9604/	self
https://www.suse.com/security/cve/CVE-2017-1000363/	self
https://www.suse.com/security/cve/CVE-2017-1000365/	self
https://www.suse.com/security/cve/CVE-2017-1000380/	self
https://www.suse.com/security/cve/CVE-2017-10661/	self
https://www.suse.com/security/cve/CVE-2017-11176/	self
https://www.suse.com/security/cve/CVE-2017-12153/	self
https://www.suse.com/security/cve/CVE-2017-12154/	self
https://www.suse.com/security/cve/CVE-2017-12762/	self
https://www.suse.com/security/cve/CVE-2017-13080/	self
https://www.suse.com/security/cve/CVE-2017-14051/	self
https://www.suse.com/security/cve/CVE-2017-14106/	self
https://www.suse.com/security/cve/CVE-2017-14140/	self
https://www.suse.com/security/cve/CVE-2017-15265/	self
https://www.suse.com/security/cve/CVE-2017-15274/	self
https://www.suse.com/security/cve/CVE-2017-15649/	self
https://www.suse.com/security/cve/CVE-2017-2647/	self
https://www.suse.com/security/cve/CVE-2017-6951/	self
https://www.suse.com/security/cve/CVE-2017-7482/	self
https://www.suse.com/security/cve/CVE-2017-7487/	self
https://www.suse.com/security/cve/CVE-2017-7518/	self
https://www.suse.com/security/cve/CVE-2017-7541/	self
https://www.suse.com/security/cve/CVE-2017-7542/	self
https://www.suse.com/security/cve/CVE-2017-7889/	self
https://www.suse.com/security/cve/CVE-2017-8106/	self
https://www.suse.com/security/cve/CVE-2017-8831/	self
https://www.suse.com/security/cve/CVE-2017-8890/	self
https://www.suse.com/security/cve/CVE-2017-8924/	self
https://www.suse.com/security/cve/CVE-2017-8925/	self
https://www.suse.com/security/cve/CVE-2017-9074/	self
https://www.suse.com/security/cve/CVE-2017-9075/	self
https://www.suse.com/security/cve/CVE-2017-9076/	self
https://www.suse.com/security/cve/CVE-2017-9077/	self
https://www.suse.com/security/cve/CVE-2017-9242/	self
https://www.suse.com/security/cve/CVE-2015-9004	external
https://bugzilla.suse.com/1037306	external
https://www.suse.com/security/cve/CVE-2016-10229	external
https://bugzilla.suse.com/1032268	external
https://www.suse.com/security/cve/CVE-2016-9604	external
https://bugzilla.suse.com/1035576	external
https://www.suse.com/security/cve/CVE-2017-1000363	external
https://bugzilla.suse.com/1039456	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-1000365	external
https://bugzilla.suse.com/1037551	external
https://bugzilla.suse.com/1039346	external
https://bugzilla.suse.com/1039349	external
https://bugzilla.suse.com/1039354	external
https://bugzilla.suse.com/1054557	external
https://bugzilla.suse.com/1077345	external
https://www.suse.com/security/cve/CVE-2017-1000380	external
https://bugzilla.suse.com/1044125	external
https://www.suse.com/security/cve/CVE-2017-10661	external
https://bugzilla.suse.com/1053152	external
https://bugzilla.suse.com/1053153	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-11176	external
https://bugzilla.suse.com/1048275	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-12153	external
https://bugzilla.suse.com/1058410	external
https://bugzilla.suse.com/1058624	external
https://www.suse.com/security/cve/CVE-2017-12154	external
https://bugzilla.suse.com/1058038	external
https://bugzilla.suse.com/1058507	external
https://www.suse.com/security/cve/CVE-2017-12762	external
https://bugzilla.suse.com/1053148	external
https://bugzilla.suse.com/1053150	external
https://bugzilla.suse.com/1072117	external
https://bugzilla.suse.com/1072162	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-13080	external
https://bugzilla.suse.com/1056061	external
https://bugzilla.suse.com/1063479	external
https://bugzilla.suse.com/1063667	external
https://bugzilla.suse.com/1063671	external
https://bugzilla.suse.com/1066295	external
https://bugzilla.suse.com/1105108	external
https://bugzilla.suse.com/1178872	external
https://bugzilla.suse.com/1179588	external
https://www.suse.com/security/cve/CVE-2017-14051	external
https://bugzilla.suse.com/1056588	external
https://www.suse.com/security/cve/CVE-2017-14106	external
https://bugzilla.suse.com/1056982	external
https://www.suse.com/security/cve/CVE-2017-14140	external
https://bugzilla.suse.com/1057179	external
https://www.suse.com/security/cve/CVE-2017-15265	external
https://bugzilla.suse.com/1062520	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-15274	external
https://bugzilla.suse.com/1045327	external
https://bugzilla.suse.com/1062471	external
https://www.suse.com/security/cve/CVE-2017-15649	external
https://bugzilla.suse.com/1064388	external
https://bugzilla.suse.com/1064392	external
https://bugzilla.suse.com/1087082	external
https://www.suse.com/security/cve/CVE-2017-2647	external
https://bugzilla.suse.com/1030593	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-6951	external
https://bugzilla.suse.com/1029850	external
https://bugzilla.suse.com/1030593	external
https://www.suse.com/security/cve/CVE-2017-7482	external
https://bugzilla.suse.com/1046107	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-7487	external
https://bugzilla.suse.com/1038879	external
https://bugzilla.suse.com/1038883	external
https://bugzilla.suse.com/1038981	external
https://bugzilla.suse.com/1038982	external
https://bugzilla.suse.com/1072204	external
https://bugzilla.suse.com/1115893	external
https://bugzilla.suse.com/870618	external
https://www.suse.com/security/cve/CVE-2017-7518	external
https://bugzilla.suse.com/1045922	external
https://bugzilla.suse.com/1087082	external
https://www.suse.com/security/cve/CVE-2017-7541	external
https://bugzilla.suse.com/1049645	external
https://www.suse.com/security/cve/CVE-2017-7542	external
https://bugzilla.suse.com/1049882	external
https://bugzilla.suse.com/1061936	external
https://www.suse.com/security/cve/CVE-2017-7889	external
https://bugzilla.suse.com/1034405	external
https://www.suse.com/security/cve/CVE-2017-8106	external
https://bugzilla.suse.com/1035877	external
https://www.suse.com/security/cve/CVE-2017-8831	external
https://bugzilla.suse.com/1037994	external
https://bugzilla.suse.com/1061936	external
https://bugzilla.suse.com/1087082	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-8890	external
https://bugzilla.suse.com/1038544	external
https://bugzilla.suse.com/1038564	external
https://bugzilla.suse.com/1039883	external
https://bugzilla.suse.com/1039885	external
https://bugzilla.suse.com/1040069	external
https://bugzilla.suse.com/1042364	external
https://bugzilla.suse.com/1051906	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-8924	external
https://bugzilla.suse.com/1037182	external
https://bugzilla.suse.com/1038981	external
https://bugzilla.suse.com/1038982	external
https://bugzilla.suse.com/870618	external
https://www.suse.com/security/cve/CVE-2017-8925	external
https://bugzilla.suse.com/1037183	external
https://bugzilla.suse.com/1038981	external
https://bugzilla.suse.com/1038982	external
https://bugzilla.suse.com/870618	external
https://www.suse.com/security/cve/CVE-2017-9074	external
https://bugzilla.suse.com/1039882	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-9075	external
https://bugzilla.suse.com/1038544	external
https://bugzilla.suse.com/1039883	external
https://bugzilla.suse.com/1051906	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-9076	external
https://bugzilla.suse.com/1038544	external
https://bugzilla.suse.com/1039885	external
https://bugzilla.suse.com/1040069	external
https://bugzilla.suse.com/1051906	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-9077	external
https://bugzilla.suse.com/1038544	external
https://bugzilla.suse.com/1040069	external
https://bugzilla.suse.com/1042364	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-9242	external
https://bugzilla.suse.com/1041431	external
https://bugzilla.suse.com/1042892	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\n\nThe SUSE Linux Enterprise 12 GA LTS kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2017-15649: net/packet/af_packet.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346 (bnc#1064388).\n- CVE-2015-9004: kernel/events/core.c in the Linux kernel mishandled counter grouping, which allowed local users to gain privileges via a crafted application, related to the perf_pmu_register and perf_event_open functions (bnc#1037306).\n- CVE-2016-10229: udp.c in the Linux kernel allowed remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag (bnc#1032268).\n- CVE-2016-9604: The handling of keyrings starting with \u0027.\u0027 in KEYCTL_JOIN_SESSION_KEYRING, which could have allowed local users to manipulate privileged keyrings, was fixed (bsc#1035576)\n- CVE-2017-1000363: Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a \u0027secure boot\u0027 kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6\u0027s CVE-2016-10277, where due to a vulnerability the adversary has partial control over the command line) can overflow the parport_nr array in the following code, by appending many (\u003eLP_NO) \u0027lp=none\u0027 arguments to the command line (bnc#1039456).\n- CVE-2017-1000365: The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but did not take the argument and environment pointers into account, which allowed attackers to bypass this limitation. (bnc#1039354).\n- CVE-2017-1000380: sound/core/timer.c in the Linux kernel is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time (bnc#1044125).\n- CVE-2017-10661: Race condition in fs/timerfd.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing (bnc#1053152).\n- CVE-2017-11176: The mq_notify function in the Linux kernel did not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allowed attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact (bnc#1048275).\n- CVE-2017-12153: A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel This function did not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash (bnc#1058410).\n- CVE-2017-12154: The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel did not ensure that the \u0027CR8-load exiting\u0027 and \u0027CR8-store exiting\u0027 L0 vmcs02 controls exist in cases where L1 omits the \u0027use TPR shadow\u0027 vmcs12 control, which allowed KVM L2 guest OS users to obtain read and write access to the hardware CR8 register (bnc#1058507).\n- CVE-2017-12762: In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. (bnc#1053148).\n- CVE-2017-13080: Wi-Fi Protected Access (WPA and WPA2) allowed reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients (bnc#1063667).\n- CVE-2017-14051: An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel allowed local users to cause a denial of service (memory corruption and system crash) by leveraging root access (bnc#1056588).\n- CVE-2017-14106: The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel allowed local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path (bnc#1056982).\n- CVE-2017-14140: The move_pages system call in mm/migrate.c in the Linux kernel doesn\u0027t check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR (bnc#1057179).\n- CVE-2017-15265: Use-after-free vulnerability in the Linux kernel allowed local users to have unspecified impact via vectors related to /dev/snd/seq (bnc#1062520).\n- CVE-2017-15274: security/keys/keyctl.c in the Linux kernel did not consider the case of a NULL payload in conjunction with a nonzero length value, which allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192 (bnc#1045327).\n- CVE-2017-2647: The KEYS subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c (bnc#1030593).\n- CVE-2017-6951: The keyring_search_aux function in security/keys/keyring.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the \u0027dead\u0027 type (bnc#1029850).\n- CVE-2017-7482: A potential memory corruption was fixed in decoding of krb5 principals in the kernels kerberos handling. (bnc#1046107).\n- CVE-2017-7487: The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel mishandled reference counts, which allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface (bnc#1038879).\n- CVE-2017-7518: The Linux kernel was vulnerable to an incorrect debug exception(#DB) error. It could occur while emulating a syscall instruction and potentially lead to guest privilege escalation. (bsc#1045922).\n- CVE-2017-7541: The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel allowed local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet (bnc#1049645).\n- CVE-2017-7542: The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel allowed local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket (bnc#1049882).\n- CVE-2017-7889: The mm subsystem in the Linux kernel did not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allowed local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c (bnc#1034405).\n- CVE-2017-8106: The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 allowed privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer (bnc#1035877).\n- CVE-2017-8831: The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a \u0027double fetch\u0027 vulnerability (bnc#1037994).\n- CVE-2017-8890: The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call (bnc#1038544).\n- CVE-2017-8924: The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel allowed local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow (bnc#1037182 bsc#1038982).\n- CVE-2017-8925: The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel allowed local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling (bnc#1037183 bsc#1038981).\n- CVE-2017-9074: The IPv6 fragmentation implementation in the Linux kernel did not consider that the nexthdr field may be associated with an invalid option, which allowed local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls (bnc#1039882).\n- CVE-2017-9075: The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039883).\n- CVE-2017-9076: The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039885).\n- CVE-2017-9077: The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1040069).\n- CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bnc#1041431).\n\nThe following non-security bugs were fixed:\n\n- btrfs: Fix a data space underflow warning (bsc#985562, bsc#975596, bsc#984779, bsc#1008353, bsc#1017941).\n- dm-mpath: always return reservation conflict. bsc#938162\n- getcwd: Close race with d_move called by lustre (bsc#1052593).\n- ipv4: Should use consistent conditional judgement for ip fragment in __ip_append_data and ip_finish_output (bsc#1041958).\n- ipv6: Should use consistent conditional judgement for ip6 fragment between __ip6_append_data and ip6_finish_output (bsc#1041958).\n- kabi: avoid bogus kabi errors in ip_output.c (bsc#1041958).\n- keys: Disallow keyrings beginning with \u0027.\u0027 to be joined as session keyrings (bnc#1035576).\n- mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack (bnc#1039348).\n- net: account for current skb length when deciding about UFO (bsc#1041958).\n- nfsd4: minor NFSv2/v3 write decoding cleanup (bsc#1034670 CVE#2017-7645).\n- nfsd: check for oversized NFSv2/v3 arguments (bsc#1034670 CVE#2017-7645).\n- nfsd: stricter decoding of write-like NFSv2/v3 ops (bsc#1034670 CVE#2017-7645).\n- printk: prevent userland from spoofing kernel messages (bsc#1039721).\n- reiserfs: do not preallocate blocks for extended attributes (bsc#990682).\n- tcp: do not inherit fastopen_req from parent (bsc#1038544).\n- udp: disallow UFO for sockets with SO_NO_CHECK option (bsc#1041958).\n- usb: wusbcore: fix NULL-deref at probe (bsc#1045487).\n- vsock: Detach QP check should filter out non matching QPs (bsc#1036752 bsc#1047408).\n- vsock: Fix lockdep issue (bsc#977417 bsc#1047408).\n- vsock: sock_put wasn\u0027t safe to call in interrupt context (bsc#977417 bsc#1047408).\n- xfs: XFS_IS_REALTIME_INODE() should be false if no rt device present (bsc#1058524).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-Module-Public-Cloud-12-2017-1808,SUSE-SLE-SERVER-12-2017-1808",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2920-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2017:2920-1",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172920-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2017:2920-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2017-November/003367.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1008353",
        "url": "https://bugzilla.suse.com/1008353"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1012422",
        "url": "https://bugzilla.suse.com/1012422"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1017941",
        "url": "https://bugzilla.suse.com/1017941"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1029850",
        "url": "https://bugzilla.suse.com/1029850"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1030593",
        "url": "https://bugzilla.suse.com/1030593"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1032268",
        "url": "https://bugzilla.suse.com/1032268"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1034405",
        "url": "https://bugzilla.suse.com/1034405"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1034670",
        "url": "https://bugzilla.suse.com/1034670"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1035576",
        "url": "https://bugzilla.suse.com/1035576"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1035877",
        "url": "https://bugzilla.suse.com/1035877"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1036752",
        "url": "https://bugzilla.suse.com/1036752"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1037182",
        "url": "https://bugzilla.suse.com/1037182"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1037183",
        "url": "https://bugzilla.suse.com/1037183"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1037306",
        "url": "https://bugzilla.suse.com/1037306"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1037994",
        "url": "https://bugzilla.suse.com/1037994"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1038544",
        "url": "https://bugzilla.suse.com/1038544"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1038879",
        "url": "https://bugzilla.suse.com/1038879"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1038981",
        "url": "https://bugzilla.suse.com/1038981"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1038982",
        "url": "https://bugzilla.suse.com/1038982"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1039348",
        "url": "https://bugzilla.suse.com/1039348"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1039349",
        "url": "https://bugzilla.suse.com/1039349"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1039354",
        "url": "https://bugzilla.suse.com/1039354"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1039456",
        "url": "https://bugzilla.suse.com/1039456"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1039721",
        "url": "https://bugzilla.suse.com/1039721"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1039882",
        "url": "https://bugzilla.suse.com/1039882"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1039883",
        "url": "https://bugzilla.suse.com/1039883"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1039885",
        "url": "https://bugzilla.suse.com/1039885"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1040069",
        "url": "https://bugzilla.suse.com/1040069"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1041431",
        "url": "https://bugzilla.suse.com/1041431"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1041958",
        "url": "https://bugzilla.suse.com/1041958"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1044125",
        "url": "https://bugzilla.suse.com/1044125"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1045327",
        "url": "https://bugzilla.suse.com/1045327"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1045487",
        "url": "https://bugzilla.suse.com/1045487"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1045922",
        "url": "https://bugzilla.suse.com/1045922"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1046107",
        "url": "https://bugzilla.suse.com/1046107"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1047408",
        "url": "https://bugzilla.suse.com/1047408"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1048275",
        "url": "https://bugzilla.suse.com/1048275"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1049645",
        "url": "https://bugzilla.suse.com/1049645"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1049882",
        "url": "https://bugzilla.suse.com/1049882"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1052593",
        "url": "https://bugzilla.suse.com/1052593"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1053148",
        "url": "https://bugzilla.suse.com/1053148"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1053152",
        "url": "https://bugzilla.suse.com/1053152"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1056588",
        "url": "https://bugzilla.suse.com/1056588"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1056982",
        "url": "https://bugzilla.suse.com/1056982"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1057179",
        "url": "https://bugzilla.suse.com/1057179"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1058038",
        "url": "https://bugzilla.suse.com/1058038"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1058410",
        "url": "https://bugzilla.suse.com/1058410"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1058507",
        "url": "https://bugzilla.suse.com/1058507"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1058524",
        "url": "https://bugzilla.suse.com/1058524"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1062520",
        "url": "https://bugzilla.suse.com/1062520"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1063667",
        "url": "https://bugzilla.suse.com/1063667"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1064388",
        "url": "https://bugzilla.suse.com/1064388"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 938162",
        "url": "https://bugzilla.suse.com/938162"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 975596",
        "url": "https://bugzilla.suse.com/975596"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 977417",
        "url": "https://bugzilla.suse.com/977417"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 984779",
        "url": "https://bugzilla.suse.com/984779"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 985562",
        "url": "https://bugzilla.suse.com/985562"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 990682",
        "url": "https://bugzilla.suse.com/990682"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2015-9004 page",
        "url": "https://www.suse.com/security/cve/CVE-2015-9004/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-10229 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-10229/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-9604 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-9604/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-1000363 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-1000363/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-1000365 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-1000365/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-1000380 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-1000380/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-10661 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-10661/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-11176 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-11176/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-12153 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-12153/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-12154 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-12154/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-12762 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-12762/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-13080 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-13080/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-14051 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-14051/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-14106 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-14106/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-14140 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-14140/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-15265 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-15265/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-15274 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-15274/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-15649 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-15649/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-2647 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-2647/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-6951 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-6951/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7482 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7482/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7487 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7487/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7518 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7518/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7541 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7541/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7542 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7542/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7889 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7889/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-8106 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-8106/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-8831 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-8831/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-8890 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-8890/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-8924 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-8924/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-8925 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-8925/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-9074 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-9074/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-9075 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-9075/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-9076 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-9076/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-9077 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-9077/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-9242 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-9242/"
      }
    ],
    "title": "Security update for the Linux Kernel",
    "tracking": {
      "current_release_date": "2017-11-02T13:02:36Z",
      "generator": {
        "date": "2017-11-02T13:02:36Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2017:2920-1",
      "initial_release_date": "2017-11-02T13:02:36Z",
      "revision_history": [
        {
          "date": "2017-11-02T13:02:36Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-devel-3.12.61-52.101.1.noarch",
                "product": {
                  "name": "kernel-devel-3.12.61-52.101.1.noarch",
                  "product_id": "kernel-devel-3.12.61-52.101.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-macros-3.12.61-52.101.1.noarch",
                "product": {
                  "name": "kernel-macros-3.12.61-52.101.1.noarch",
                  "product_id": "kernel-macros-3.12.61-52.101.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-3.12.61-52.101.1.noarch",
                "product": {
                  "name": "kernel-source-3.12.61-52.101.1.noarch",
                  "product_id": "kernel-source-3.12.61-52.101.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-default-3.12.61-52.101.1.ppc64le",
                "product": {
                  "name": "kernel-default-3.12.61-52.101.1.ppc64le",
                  "product_id": "kernel-default-3.12.61-52.101.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-3.12.61-52.101.1.ppc64le",
                "product": {
                  "name": "kernel-default-base-3.12.61-52.101.1.ppc64le",
                  "product_id": "kernel-default-base-3.12.61-52.101.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-3.12.61-52.101.1.ppc64le",
                "product": {
                  "name": "kernel-default-devel-3.12.61-52.101.1.ppc64le",
                  "product_id": "kernel-default-devel-3.12.61-52.101.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-3.12.61-52.101.1.ppc64le",
                "product": {
                  "name": "kernel-syms-3.12.61-52.101.1.ppc64le",
                  "product_id": "kernel-syms-3.12.61-52.101.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-default-3.12.61-52.101.1.s390x",
                "product": {
                  "name": "kernel-default-3.12.61-52.101.1.s390x",
                  "product_id": "kernel-default-3.12.61-52.101.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-3.12.61-52.101.1.s390x",
                "product": {
                  "name": "kernel-default-base-3.12.61-52.101.1.s390x",
                  "product_id": "kernel-default-base-3.12.61-52.101.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-3.12.61-52.101.1.s390x",
                "product": {
                  "name": "kernel-default-devel-3.12.61-52.101.1.s390x",
                  "product_id": "kernel-default-devel-3.12.61-52.101.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-man-3.12.61-52.101.1.s390x",
                "product": {
                  "name": "kernel-default-man-3.12.61-52.101.1.s390x",
                  "product_id": "kernel-default-man-3.12.61-52.101.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-3.12.61-52.101.1.s390x",
                "product": {
                  "name": "kernel-syms-3.12.61-52.101.1.s390x",
                  "product_id": "kernel-syms-3.12.61-52.101.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-ec2-3.12.61-52.101.1.x86_64",
                "product": {
                  "name": "kernel-ec2-3.12.61-52.101.1.x86_64",
                  "product_id": "kernel-ec2-3.12.61-52.101.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-ec2-devel-3.12.61-52.101.1.x86_64",
                "product": {
                  "name": "kernel-ec2-devel-3.12.61-52.101.1.x86_64",
                  "product_id": "kernel-ec2-devel-3.12.61-52.101.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-ec2-extra-3.12.61-52.101.1.x86_64",
                "product": {
                  "name": "kernel-ec2-extra-3.12.61-52.101.1.x86_64",
                  "product_id": "kernel-ec2-extra-3.12.61-52.101.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-3.12.61-52.101.1.x86_64",
                "product": {
                  "name": "kernel-default-3.12.61-52.101.1.x86_64",
                  "product_id": "kernel-default-3.12.61-52.101.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-base-3.12.61-52.101.1.x86_64",
                "product": {
                  "name": "kernel-default-base-3.12.61-52.101.1.x86_64",
                  "product_id": "kernel-default-base-3.12.61-52.101.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-default-devel-3.12.61-52.101.1.x86_64",
                "product": {
                  "name": "kernel-default-devel-3.12.61-52.101.1.x86_64",
                  "product_id": "kernel-default-devel-3.12.61-52.101.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-3.12.61-52.101.1.x86_64",
                "product": {
                  "name": "kernel-syms-3.12.61-52.101.1.x86_64",
                  "product_id": "kernel-syms-3.12.61-52.101.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-xen-3.12.61-52.101.1.x86_64",
                "product": {
                  "name": "kernel-xen-3.12.61-52.101.1.x86_64",
                  "product_id": "kernel-xen-3.12.61-52.101.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-xen-base-3.12.61-52.101.1.x86_64",
                "product": {
                  "name": "kernel-xen-base-3.12.61-52.101.1.x86_64",
                  "product_id": "kernel-xen-base-3.12.61-52.101.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-xen-devel-3.12.61-52.101.1.x86_64",
                "product": {
                  "name": "kernel-xen-devel-3.12.61-52.101.1.x86_64",
                  "product_id": "kernel-xen-devel-3.12.61-52.101.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
                  "product_id": "kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64",
                "product": {
                  "name": "kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64",
                  "product_id": "kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Module for Public Cloud 12",
                "product": {
                  "name": "SUSE Linux Enterprise Module for Public Cloud 12",
                  "product_id": "SUSE Linux Enterprise Module for Public Cloud 12",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-module-public-cloud:12"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 12-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:12"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-ec2-3.12.61-52.101.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
          "product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64"
        },
        "product_reference": "kernel-ec2-3.12.61-52.101.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-ec2-devel-3.12.61-52.101.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
          "product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64"
        },
        "product_reference": "kernel-ec2-devel-3.12.61-52.101.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-ec2-extra-3.12.61-52.101.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
          "product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64"
        },
        "product_reference": "kernel-ec2-extra-3.12.61-52.101.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-3.12.61-52.101.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le"
        },
        "product_reference": "kernel-default-3.12.61-52.101.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-3.12.61-52.101.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x"
        },
        "product_reference": "kernel-default-3.12.61-52.101.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-3.12.61-52.101.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64"
        },
        "product_reference": "kernel-default-3.12.61-52.101.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-3.12.61-52.101.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le"
        },
        "product_reference": "kernel-default-base-3.12.61-52.101.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-3.12.61-52.101.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x"
        },
        "product_reference": "kernel-default-base-3.12.61-52.101.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-base-3.12.61-52.101.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64"
        },
        "product_reference": "kernel-default-base-3.12.61-52.101.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-3.12.61-52.101.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le"
        },
        "product_reference": "kernel-default-devel-3.12.61-52.101.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-3.12.61-52.101.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x"
        },
        "product_reference": "kernel-default-devel-3.12.61-52.101.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-devel-3.12.61-52.101.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64"
        },
        "product_reference": "kernel-default-devel-3.12.61-52.101.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-default-man-3.12.61-52.101.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x"
        },
        "product_reference": "kernel-default-man-3.12.61-52.101.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-3.12.61-52.101.1.noarch as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch"
        },
        "product_reference": "kernel-devel-3.12.61-52.101.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-macros-3.12.61-52.101.1.noarch as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch"
        },
        "product_reference": "kernel-macros-3.12.61-52.101.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-3.12.61-52.101.1.noarch as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch"
        },
        "product_reference": "kernel-source-3.12.61-52.101.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-3.12.61-52.101.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le"
        },
        "product_reference": "kernel-syms-3.12.61-52.101.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-3.12.61-52.101.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x"
        },
        "product_reference": "kernel-syms-3.12.61-52.101.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-3.12.61-52.101.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64"
        },
        "product_reference": "kernel-syms-3.12.61-52.101.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-xen-3.12.61-52.101.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64"
        },
        "product_reference": "kernel-xen-3.12.61-52.101.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-xen-base-3.12.61-52.101.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64"
        },
        "product_reference": "kernel-xen-base-3.12.61-52.101.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-xen-devel-3.12.61-52.101.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64"
        },
        "product_reference": "kernel-xen-devel-3.12.61-52.101.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
          "product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        },
        "product_reference": "kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2015-9004",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2015-9004"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "kernel/events/core.c in the Linux kernel before 3.19 mishandles counter grouping, which allows local users to gain privileges via a crafted application, related to the perf_pmu_register and perf_event_open functions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2015-9004",
          "url": "https://www.suse.com/security/cve/CVE-2015-9004"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1037306 for CVE-2015-9004",
          "url": "https://bugzilla.suse.com/1037306"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2015-9004"
    },
    {
      "cve": "CVE-2016-10229",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-10229"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-10229",
          "url": "https://www.suse.com/security/cve/CVE-2016-10229"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1032268 for CVE-2016-10229",
          "url": "https://bugzilla.suse.com/1032268"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2016-10229"
    },
    {
      "cve": "CVE-2016-9604",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-9604"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as \u0027.dns_resolver\u0027 in RHEL-7 or \u0027.builtin_trusted_keys\u0027 upstream, by joining it as its session keyring. This allows root to bypass module signature verification by adding a new public key of its own devising to the keyring.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-9604",
          "url": "https://www.suse.com/security/cve/CVE-2016-9604"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035576 for CVE-2016-9604",
          "url": "https://bugzilla.suse.com/1035576"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-9604"
    },
    {
      "cve": "CVE-2017-1000363",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-1000363"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a \u0027secure boot\u0027 kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6\u0027s CVE-2016-10277, where due to a vulnerability the adversary has partial control over the command line) can overflow the parport_nr array in the following code, by appending many (\u003eLP_NO) \u0027lp=none\u0027 arguments to the command line.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-1000363",
          "url": "https://www.suse.com/security/cve/CVE-2017-1000363"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039456 for CVE-2017-1000363",
          "url": "https://bugzilla.suse.com/1039456"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-1000363",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-1000363"
    },
    {
      "cve": "CVE-2017-1000365",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-1000365"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel versions 4.11.5 and earlier. It appears that this feature was introduced in the Linux Kernel version 2.6.23.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-1000365",
          "url": "https://www.suse.com/security/cve/CVE-2017-1000365"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1037551 for CVE-2017-1000365",
          "url": "https://bugzilla.suse.com/1037551"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039346 for CVE-2017-1000365",
          "url": "https://bugzilla.suse.com/1039346"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039349 for CVE-2017-1000365",
          "url": "https://bugzilla.suse.com/1039349"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039354 for CVE-2017-1000365",
          "url": "https://bugzilla.suse.com/1039354"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1054557 for CVE-2017-1000365",
          "url": "https://bugzilla.suse.com/1054557"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077345 for CVE-2017-1000365",
          "url": "https://bugzilla.suse.com/1077345"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.9,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "low"
        }
      ],
      "title": "CVE-2017-1000365"
    },
    {
      "cve": "CVE-2017-1000380",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-1000380"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-1000380",
          "url": "https://www.suse.com/security/cve/CVE-2017-1000380"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1044125 for CVE-2017-1000380",
          "url": "https://bugzilla.suse.com/1044125"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "low"
        }
      ],
      "title": "CVE-2017-1000380"
    },
    {
      "cve": "CVE-2017-10661",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-10661"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-10661",
          "url": "https://www.suse.com/security/cve/CVE-2017-10661"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1053152 for CVE-2017-10661",
          "url": "https://bugzilla.suse.com/1053152"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1053153 for CVE-2017-10661",
          "url": "https://bugzilla.suse.com/1053153"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-10661",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-10661"
    },
    {
      "cve": "CVE-2017-11176",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-11176"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-11176",
          "url": "https://www.suse.com/security/cve/CVE-2017-11176"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1048275 for CVE-2017-11176",
          "url": "https://bugzilla.suse.com/1048275"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-11176",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-11176"
    },
    {
      "cve": "CVE-2017-12153",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-12153"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-12153",
          "url": "https://www.suse.com/security/cve/CVE-2017-12153"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1058410 for CVE-2017-12153",
          "url": "https://bugzilla.suse.com/1058410"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1058624 for CVE-2017-12153",
          "url": "https://bugzilla.suse.com/1058624"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-12153"
    },
    {
      "cve": "CVE-2017-12154",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-12154"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the \"CR8-load exiting\" and \"CR8-store exiting\" L0 vmcs02 controls exist in cases where L1 omits the \"use TPR shadow\" vmcs12 control, which allows KVM L2 guest OS users to obtain read and write access to the hardware CR8 register.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-12154",
          "url": "https://www.suse.com/security/cve/CVE-2017-12154"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1058038 for CVE-2017-12154",
          "url": "https://bugzilla.suse.com/1058038"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1058507 for CVE-2017-12154",
          "url": "https://bugzilla.suse.com/1058507"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-12154"
    },
    {
      "cve": "CVE-2017-12762",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-12762"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-12762",
          "url": "https://www.suse.com/security/cve/CVE-2017-12762"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1053148 for CVE-2017-12762",
          "url": "https://bugzilla.suse.com/1053148"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1053150 for CVE-2017-12762",
          "url": "https://bugzilla.suse.com/1053150"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1072117 for CVE-2017-12762",
          "url": "https://bugzilla.suse.com/1072117"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1072162 for CVE-2017-12762",
          "url": "https://bugzilla.suse.com/1072162"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-12762",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-12762"
    },
    {
      "cve": "CVE-2017-13080",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-13080"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-13080",
          "url": "https://www.suse.com/security/cve/CVE-2017-13080"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1056061 for CVE-2017-13080",
          "url": "https://bugzilla.suse.com/1056061"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1063479 for CVE-2017-13080",
          "url": "https://bugzilla.suse.com/1063479"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1063667 for CVE-2017-13080",
          "url": "https://bugzilla.suse.com/1063667"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1063671 for CVE-2017-13080",
          "url": "https://bugzilla.suse.com/1063671"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1066295 for CVE-2017-13080",
          "url": "https://bugzilla.suse.com/1066295"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1105108 for CVE-2017-13080",
          "url": "https://bugzilla.suse.com/1105108"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1178872 for CVE-2017-13080",
          "url": "https://bugzilla.suse.com/1178872"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1179588 for CVE-2017-13080",
          "url": "https://bugzilla.suse.com/1179588"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-13080"
    },
    {
      "cve": "CVE-2017-14051",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-14051"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory corruption and system crash) by leveraging root access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-14051",
          "url": "https://www.suse.com/security/cve/CVE-2017-14051"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1056588 for CVE-2017-14051",
          "url": "https://bugzilla.suse.com/1056588"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-14051"
    },
    {
      "cve": "CVE-2017-14106",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-14106"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-14106",
          "url": "https://www.suse.com/security/cve/CVE-2017-14106"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1056982 for CVE-2017-14106",
          "url": "https://bugzilla.suse.com/1056982"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-14106"
    },
    {
      "cve": "CVE-2017-14140",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-14140"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn\u0027t check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-14140",
          "url": "https://www.suse.com/security/cve/CVE-2017-14140"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1057179 for CVE-2017-14140",
          "url": "https://bugzilla.suse.com/1057179"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "low"
        }
      ],
      "title": "CVE-2017-14140"
    },
    {
      "cve": "CVE-2017-15265",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-15265"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-15265",
          "url": "https://www.suse.com/security/cve/CVE-2017-15265"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1062520 for CVE-2017-15265",
          "url": "https://bugzilla.suse.com/1062520"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-15265",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "low"
        }
      ],
      "title": "CVE-2017-15265"
    },
    {
      "cve": "CVE-2017-15274",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-15274"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-15274",
          "url": "https://www.suse.com/security/cve/CVE-2017-15274"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1045327 for CVE-2017-15274",
          "url": "https://bugzilla.suse.com/1045327"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1062471 for CVE-2017-15274",
          "url": "https://bugzilla.suse.com/1062471"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "low"
        }
      ],
      "title": "CVE-2017-15274"
    },
    {
      "cve": "CVE-2017-15649",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-15649"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-15649",
          "url": "https://www.suse.com/security/cve/CVE-2017-15649"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1064388 for CVE-2017-15649",
          "url": "https://bugzilla.suse.com/1064388"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1064392 for CVE-2017-15649",
          "url": "https://bugzilla.suse.com/1064392"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1087082 for CVE-2017-15649",
          "url": "https://bugzilla.suse.com/1087082"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-15649"
    },
    {
      "cve": "CVE-2017-2647",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-2647"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-2647",
          "url": "https://www.suse.com/security/cve/CVE-2017-2647"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1030593 for CVE-2017-2647",
          "url": "https://bugzilla.suse.com/1030593"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-2647",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-2647"
    },
    {
      "cve": "CVE-2017-6951",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-6951"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the \"dead\" type.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-6951",
          "url": "https://www.suse.com/security/cve/CVE-2017-6951"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1029850 for CVE-2017-6951",
          "url": "https://bugzilla.suse.com/1029850"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1030593 for CVE-2017-6951",
          "url": "https://bugzilla.suse.com/1030593"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-6951"
    },
    {
      "cve": "CVE-2017-7482",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7482"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory corruption and possible privilege escalation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7482",
          "url": "https://www.suse.com/security/cve/CVE-2017-7482"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1046107 for CVE-2017-7482",
          "url": "https://bugzilla.suse.com/1046107"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-7482",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-7482"
    },
    {
      "cve": "CVE-2017-7487",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7487"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7487",
          "url": "https://www.suse.com/security/cve/CVE-2017-7487"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038879 for CVE-2017-7487",
          "url": "https://bugzilla.suse.com/1038879"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038883 for CVE-2017-7487",
          "url": "https://bugzilla.suse.com/1038883"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038981 for CVE-2017-7487",
          "url": "https://bugzilla.suse.com/1038981"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038982 for CVE-2017-7487",
          "url": "https://bugzilla.suse.com/1038982"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1072204 for CVE-2017-7487",
          "url": "https://bugzilla.suse.com/1072204"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-7487",
          "url": "https://bugzilla.suse.com/1115893"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 870618 for CVE-2017-7487",
          "url": "https://bugzilla.suse.com/870618"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-7487"
    },
    {
      "cve": "CVE-2017-7518",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7518"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7518",
          "url": "https://www.suse.com/security/cve/CVE-2017-7518"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1045922 for CVE-2017-7518",
          "url": "https://bugzilla.suse.com/1045922"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1087082 for CVE-2017-7518",
          "url": "https://bugzilla.suse.com/1087082"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-7518"
    },
    {
      "cve": "CVE-2017-7541",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7541"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7541",
          "url": "https://www.suse.com/security/cve/CVE-2017-7541"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1049645 for CVE-2017-7541",
          "url": "https://bugzilla.suse.com/1049645"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-7541"
    },
    {
      "cve": "CVE-2017-7542",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7542"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7542",
          "url": "https://www.suse.com/security/cve/CVE-2017-7542"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1049882 for CVE-2017-7542",
          "url": "https://bugzilla.suse.com/1049882"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1061936 for CVE-2017-7542",
          "url": "https://bugzilla.suse.com/1061936"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-7542"
    },
    {
      "cve": "CVE-2017-7889",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7889"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7889",
          "url": "https://www.suse.com/security/cve/CVE-2017-7889"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1034405 for CVE-2017-7889",
          "url": "https://bugzilla.suse.com/1034405"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-7889"
    },
    {
      "cve": "CVE-2017-8106",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-8106"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-8106",
          "url": "https://www.suse.com/security/cve/CVE-2017-8106"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1035877 for CVE-2017-8106",
          "url": "https://bugzilla.suse.com/1035877"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "low"
        }
      ],
      "title": "CVE-2017-8106"
    },
    {
      "cve": "CVE-2017-8831",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-8831"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a \"double fetch\" vulnerability.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-8831",
          "url": "https://www.suse.com/security/cve/CVE-2017-8831"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1037994 for CVE-2017-8831",
          "url": "https://bugzilla.suse.com/1037994"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1061936 for CVE-2017-8831",
          "url": "https://bugzilla.suse.com/1061936"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1087082 for CVE-2017-8831",
          "url": "https://bugzilla.suse.com/1087082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-8831",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-8831"
    },
    {
      "cve": "CVE-2017-8890",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-8890"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-8890",
          "url": "https://www.suse.com/security/cve/CVE-2017-8890"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038544 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1038544"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038564 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1038564"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039883 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1039883"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039885 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1039885"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1040069 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1040069"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1042364 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1042364"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1051906 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1051906"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-8890",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-8890"
    },
    {
      "cve": "CVE-2017-8924",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-8924"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-8924",
          "url": "https://www.suse.com/security/cve/CVE-2017-8924"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1037182 for CVE-2017-8924",
          "url": "https://bugzilla.suse.com/1037182"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038981 for CVE-2017-8924",
          "url": "https://bugzilla.suse.com/1038981"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038982 for CVE-2017-8924",
          "url": "https://bugzilla.suse.com/1038982"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 870618 for CVE-2017-8924",
          "url": "https://bugzilla.suse.com/870618"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "low"
        }
      ],
      "title": "CVE-2017-8924"
    },
    {
      "cve": "CVE-2017-8925",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-8925"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-8925",
          "url": "https://www.suse.com/security/cve/CVE-2017-8925"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1037183 for CVE-2017-8925",
          "url": "https://bugzilla.suse.com/1037183"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038981 for CVE-2017-8925",
          "url": "https://bugzilla.suse.com/1038981"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038982 for CVE-2017-8925",
          "url": "https://bugzilla.suse.com/1038982"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 870618 for CVE-2017-8925",
          "url": "https://bugzilla.suse.com/870618"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "low"
        }
      ],
      "title": "CVE-2017-8925"
    },
    {
      "cve": "CVE-2017-9074",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-9074"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-9074",
          "url": "https://www.suse.com/security/cve/CVE-2017-9074"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039882 for CVE-2017-9074",
          "url": "https://bugzilla.suse.com/1039882"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-9074",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-9074"
    },
    {
      "cve": "CVE-2017-9075",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-9075"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-9075",
          "url": "https://www.suse.com/security/cve/CVE-2017-9075"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038544 for CVE-2017-9075",
          "url": "https://bugzilla.suse.com/1038544"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039883 for CVE-2017-9075",
          "url": "https://bugzilla.suse.com/1039883"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1051906 for CVE-2017-9075",
          "url": "https://bugzilla.suse.com/1051906"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-9075",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-9075"
    },
    {
      "cve": "CVE-2017-9076",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-9076"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-9076",
          "url": "https://www.suse.com/security/cve/CVE-2017-9076"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038544 for CVE-2017-9076",
          "url": "https://bugzilla.suse.com/1038544"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039885 for CVE-2017-9076",
          "url": "https://bugzilla.suse.com/1039885"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1040069 for CVE-2017-9076",
          "url": "https://bugzilla.suse.com/1040069"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1051906 for CVE-2017-9076",
          "url": "https://bugzilla.suse.com/1051906"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-9076",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-9076"
    },
    {
      "cve": "CVE-2017-9077",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-9077"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-9077",
          "url": "https://www.suse.com/security/cve/CVE-2017-9077"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1038544 for CVE-2017-9077",
          "url": "https://bugzilla.suse.com/1038544"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1040069 for CVE-2017-9077",
          "url": "https://bugzilla.suse.com/1040069"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1042364 for CVE-2017-9077",
          "url": "https://bugzilla.suse.com/1042364"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-9077",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-9077"
    },
    {
      "cve": "CVE-2017-9242",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-9242"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
          "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-9242",
          "url": "https://www.suse.com/security/cve/CVE-2017-9242"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1041431 for CVE-2017-9242",
          "url": "https://bugzilla.suse.com/1041431"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1042892 for CVE-2017-9242",
          "url": "https://bugzilla.suse.com/1042892"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
            "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-02T13:02:36Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-9242"
    }
  ]
}

SUSE-SU-2017:2956-1

Vulnerability from csaf_suse - Published: 2017-11-08 15:02 - Updated: 2017-11-08 15:02

Summary

Security update for the Linux Kernel

Severity

Important

Notes

Title of the patch: Security update for the Linux Kernel

Description of the patch: The SUSE Linux Enterprise 12 SP2 RT kernel was updated to 4.4.88 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-1000365: The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but did not take the argument and environment pointers into account, which allowed attackers to bypass this limitation (bnc#1039354) - CVE-2017-1000112: Prevent race condition in net-packet code that could have been exploited by unprivileged users to gain root access. (bnc#1052311) - CVE-2017-1000251: The native Bluetooth stack was vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in remote code execution in kernel space (bnc#1057389) - CVE-2017-14051: An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c allowed local users to cause a denial of service (memory corruption and system crash) by leveraging root access (bnc#1056588) - CVE-2017-8831: The saa7164_bus_get function allowed local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a 'double fetch' vulnerability (bnc#1037994) - CVE-2017-1000252: Wrong gsi values via KVM_IRQFD allowed unprivileged users using KVM to cause DoS on Intel systems (bsc#1058038). - CVE-2017-1000111: Prevent in packet_set_ring on PACKET_RESERVE (bsc#1052365). - CVE-2017-10810: Memory leak in the virtio_gpu_object_create function in drivers/gpu/drm/virtio/virtgpu_object.c allowed attackers to cause a denial of service (memory consumption) by triggering object-initialization failures (bnc#1047277). - CVE-2017-11472: The acpi_ns_terminate() function did not flush the operand cache and causes a kernel stack dump, which allowed local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism via a crafted ACPI table (bnc#1049580). - CVE-2017-11473: Buffer overflow in the mp_override_legacy_irq() function allowed local users to gain privileges via a crafted ACPI table (bnc#1049603). - CVE-2017-12134: The xen_biovec_phys_mergeable function might have allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability calculation (bnc#1051790). - CVE-2017-12154: L2 guest could have accessed hardware(L0) CR8 register and crashed the host system (bsc#1058507). - CVE-2017-14106: The tcp_disconnect function allowed local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path (bnc#1056982). - CVE-2017-7518: Faulty debug exception via syscall emulation allowed non-linux guests to escalate their privileges in the guest (bsc#1045922). - CVE-2017-7533: Race condition in the fsnotify implementation allowed local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions (bsc#1049483). - CVE-2017-7541: The brcmf_cfg80211_mgmt_tx function allowed local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet (bsc#1049645). - CVE-2017-7542: The ip6_find_1stfragopt function allowed local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket (bsc#1049882). The following non-security bugs were fixed: - ACPI / processor: Avoid reserving IO regions too early (bsc#1051478). - ACPI / scan: Prefer devices without _HID for _ADR matching. - ALSA: fm801: Initialize chip after IRQ handler is registered (bsc#1031717). - ALSA: hda - Add stereo mic quirk for Lenovo G50-70 (17aa:3978) (bsc#1020657). - ALSA: hda - Fix endless loop of codec configure (bsc#1031717). - ALSA: hda - Implement mic-mute LED mode enum (bsc#1055013). - ALSA: hda - set input_path bitmap to zero after moving it to new place (bsc#1031717). - ALSA: hda/realtek - Add support headphone Mic for ALC221 of HP platform (bsc#1024405). - ALSA: ice1712: Add support for STAudio ADCIII (bsc#1048934). - ALSA: usb-audio: Apply sample rate quirk to Sennheiser headset (bsc#1052580). - Add 'shutdown' to 'struct class' (bsc#1053117). - Bluetooth: bnep: fix possible might sleep error in bnep_session (bsc#1031784). - Bluetooth: cmtp: fix possible might sleep error in cmtp_session (bsc#1031784). - Bluetooth: hidp: fix possible might sleep error in hidp_session_thread (bsc#1031784). - Drivers: hv: Fix the bug in generating the guest ID. - Drivers: hv: util: Fix a typo. - Drivers: hv: vmbus: Get the current time from the current clocksource (bnc#1044112, bnc#1042778, bnc#1029693). - Drivers: hv: vmbus: Move the code to signal end of message. - Drivers: hv: vmbus: Move the definition of generate_guest_id(). - Drivers: hv: vmbus: Move the definition of hv_x64_msr_hypercall_contents. - Drivers: hv: vmbus: Restructure the clockevents code. - Fix kABI breakage by KVM CVE fix (bsc#1045922). - IB/hfi1: Wait for QSFP modules to initialize (bsc#1019151). - Input: gpio-keys - fix check for disabling unsupported keys (bsc#1031717). - KVM: nVMX: Fix nested VPID vmx exec control (bsc#1051478). - KVM: nVMX: fix msr bitmaps to prevent L2 from accessing L0 x2APIC (bsc#1051478). - KVM: x86: avoid simultaneous queueing of both IRQ and SMI (bsc#1051478). - MD: fix sleep in atomic (bsc#1040351). - More Git-commit header fixups No functional change intended. - NFS: Cache aggressively when file is open for writing (bsc#1033587). - NFS: Do not flush caches for a getattr that races with writeback (bsc#1033587). - NFS: flush data when locking a file to ensure cache coherence for mmap (bsc#981309). - NFS: invalidate file size when taking a lock (git-fixes). - NFS: only invalidate dentrys that are clearly invalid (bsc#1047118). - PCI / PM: Fix native PME handling during system suspend/resume (bsc#1051478). - PCI: Add Mellanox device IDs (bsc#1051478). - PCI: Convert Mellanox broken INTx quirks to be for listed devices only (bsc#1051478). - PCI: Correct PCI_STD_RESOURCE_END usage (bsc#1051478). - PCI: Enable ECRC only if device supports it (bsc#1051478). - PCI: Support INTx masking on ConnectX-4 with firmware x.14.1100+ (bsc#1051478). - PCI: dwc: Fix uninitialized variable in dw_handle_msi_irq() (bsc#1051478). - PCI: dwc: dra7xx: Use RW1C for IRQSTATUS_MSI and IRQSTATUS_MAIN (bsc#1051478). - PM / Hibernate: Fix scheduling while atomic during hibernation (bsc#1051059). - Revert '/proc/iomem: only expose physical resource addresses to privileged users' (kabi). - Revert 'ACPI / video: Add force_native quirk for HP Pavilion dv6' (bsc#1031717). - Revert 'Add 'shutdown' to 'struct class'.' (kabi). - Revert 'KVM: x86: fix emulation of RSM and IRET instructions' (kabi). - Revert 'Make file credentials available to the seqfile interfaces' (kabi). - Revert 'mm/list_lru.c: fix list_lru_count_node() to be race free' (kabi). - Revert 'powerpc/numa: Fix percpu allocations to be NUMA aware' (bsc#1048914). - Revert 'tpm: Issue a TPM2_Shutdown for TPM2 devices.' (kabi). - USB: core: fix device node leak (bsc#1047487). - Update kabi files: sync with 4.4.74 updates - af_key: Add lock to key dump (bsc#1047653). - af_key: Fix slab-out-of-bounds in pfkey_compile_policy (bsc#1047354). - b43: Add missing MODULE_FIRMWARE() (bsc#1037344). - bcache: force trigger gc (bsc#1038078). - bcache: force trigger gc (bsc#1038078). - bcache: only recovery I/O error for writethrough mode (bsc#1043652). - bcache: only recovery I/O error for writethrough mode (bsc#1043652). - bdi: Fix use-after-free in wb_congested_put() (bsc#1040307). - blacklist.conf: 9eeacd3a2f17 not a bug fix (bnc#1050061) - blacklist.conf: Blacklist c133c7615751 ('x86/nmi: Fix timeout test in test_nmi_ipi()') It only fixes a self-test (bsc#1051478). - blacklist.conf: Blacklist c9525a3fab63 ('x86/watchdog: Fix Kconfig help text file path reference to lockup watchdog documentation') Updates only kconfig help-text (bsc#1051478). - blacklist.conf: add inapplicable commits for wifi (bsc#1031717) - blacklist.conf: add unapplicable drm fixes (bsc#1031717). - blacklist.conf: add unapplicable/cosmetic iwlwifi fixes (bsc#1031717). - blkfront: add uevent for size change (bnc#1036632). - block: Allow bdi re-registration (bsc#1040307). - block: Fix front merge check (bsc#1051239). - block: Make del_gendisk() safer for disks without queues (bsc#1040307). - block: Move bdi_unregister() to del_gendisk() (bsc#1040307). - block: do not allow updates through sysfs until registration completes (bsc#1047027). - bnxt: add a missing rcu synchronization (bnc#1038583). - bnxt: do not busy-poll when link is down (bnc#1038583). - bnxt_en: Enable MRU enables bit when configuring VNIC MRU (bnc#1038583). - bnxt_en: Fix 'uninitialized variable' bug in TPA code path (bnc#1038583). - bnxt_en: Fix NULL pointer dereference in a failure path during open (bnc#1038583). - bnxt_en: Fix NULL pointer dereference in reopen failure path (bnc#1038583). - bnxt_en: Fix TX push operation on ARM64 (bnc#1038583). - bnxt_en: Fix VF virtual link state (bnc#1038583). - bnxt_en: Fix a VXLAN vs GENEVE issue (bnc#1038583). - bnxt_en: Fix and clarify link_info->advertising (bnc#1038583). - bnxt_en: Fix ring arithmetic in bnxt_setup_tc() (bnc#1038583). - bnxt_en: Pad TX packets below 52 bytes (bnc#1038583). - bnxt_en: Refactor TPA code path (bnc#1038583). - bnxt_en: fix pci cleanup in bnxt_init_one() failure path (bnc#1038583). - bnxt_en: initialize rc to zero to avoid returning garbage (bnc#1038583). - brcmfmac: Fix glom_skb leak in brcmf_sdiod_recv_chain (bsc#1031717). - btrfs: Add WARN_ON for qgroup reserved underflow (bsc#1031515). - btrfs: Do not clear SGID when inheriting ACLs (bsc#1030552). - btrfs: add cond_resched to btrfs_qgroup_trace_leaf_items (bsc#1028286). - btrfs: fix early ENOSPC due to delalloc (bsc#1049226). - btrfs: fix lockup in find_free_extent with read-only block groups (bsc#1046682). - btrfs: incremental send, fix invalid path for link commands (bsc#1051479). - btrfs: incremental send, fix invalid path for unlink commands (bsc#1051479). - btrfs: resume qgroup rescan on rw remount (bsc#1047152). - btrfs: send, fix invalid path after renaming and linking file (bsc#1051479). - ceph: fix readpage from fscache (bsc#1057015). - cpuidle: dt: Add missing 'of_node_put()' (bnc#1022476). - crypto: s5p-sss - fix incorrect usage of scatterlists api (bsc#1048317). - cx82310_eth: use skb_cow_head() to deal with cloned skbs (bsc# 1045154). - cxgb4: Fix stack out-of-bounds read due to wrong size to t4_record_mbox() (bsc#1021424 bsc#1022743). - cxl: Unlock on error in probe (bsc#1034762, Pending SUSE Kernel Fixes). - dentry name snapshots (bsc#1049483). - dm: fix second blk_delay_queue() parameter to be in msec units not (bsc#1047670). - drivers: hv: vmbus: Increase the time between retries in vmbus_post_msg() (bnc#1044112). - drivers: net: xgene: Fix wrong logical operation (bsc#1056827). - drm/amdgpu: Fix overflow of watermark calcs at greater than 4k resolutions (bsc#1031717). - drm/bochs: Implement nomodeset (bsc#1047096). - drm/i915/fbdev: Stop repeating tile configuration on stagnation (bsc#1031717). - drm/i915: Fix scaler init during CRTC HW state readout (bsc#1031717). - drm/i915: Serialize GTT/Aperture accesses on BXT (bsc#1046821). - drm/virtio: do not leak bo on drm_gem_object_init failure (bsc#1047277). - drm/vmwgfx: Fix large topology crash (bsc#1048155). - drm/vmwgfx: Limit max desktop dimensions to 8Kx8K (bsc#1048155). - drm/vmwgfx: Support topology greater than texture size (bsc#1048155). - efi/libstub: Skip GOP with PIXEL_BLT_ONLY format (bnc#974215). - ext2: Do not clear SGID when inheriting ACLs (bsc#1030552). - ext4: Do not clear SGID when inheriting ACLs (bsc#1030552). - ext4: avoid unnecessary stalls in ext4_evict_inode() (bsc#1049486). - ext4: handle the rest of ext4_mb_load_buddy() ENOMEM errors (bsc#1012829). - fs/fcntl: f_setown, avoid undefined behaviour (bnc#1006180). - fuse: initialize the flock flag in fuse_file on allocation (git-fixes). - gcov: add support for gcc version greater than 6 (bsc#1051663). - gcov: support GCC 7.1 (bsc#1051663). - gfs2: Do not clear SGID when inheriting ACLs (bsc#1012829). - gfs2: fix flock panic issue (bsc#1012829). - hrtimer: Catch invalid clockids again (bsc#1047651). - hrtimer: Revert CLOCK_MONOTONIC_RAW support (bsc#1047651). - hv_util: switch to using timespec64. - hv_utils: drop .getcrosststamp() support from PTP driver (bnc#1044112, bnc#1042778, bnc#1029693). - hv_utils: fix TimeSync work on pre-TimeSync-v4 hosts (bnc#1044112, bnc#1042778, bnc#1029693). - i2c: designware-baytrail: fix potential null pointer dereference on dev (bsc#1011913). - i40e: Removal of workaround for simple MAC address filter deletion (bsc#1039915). - i40e: When searching all MAC/VLAN filters, ignore removed filters (bsc#1039915). - i40e: add VSI info to macaddr messages (bsc#1039915). - i40e: add hw struct local variable (bsc#1039915). - i40e: add private flag to control source pruning (bsc#1034075). - i40e: avoid O(n^2) loop when deleting all filters (bsc#1039915). - i40e: avoid looping to check whether we're in VLAN mode (bsc#1039915). - i40e: delete filter after adding its replacement when converting (bsc#1039915). - i40e: do not add broadcast filter for VFs (bsc#1039915). - i40e: do not allow i40e_vsi_(add|kill)_vlan to operate when VID lower than 1 (bsc#1039915). - i40e: drop is_vf and is_netdev fields in struct i40e_mac_filter (bsc#1039915). - i40e: enable VSI broadcast promiscuous mode instead of adding broadcast filter (bsc#1039915). - i40e: factor out addition/deletion of VLAN per each MAC address (bsc#1039915). - i40e: fix MAC filters when removing VLANs (bsc#1039915). - i40e: fold the i40e_is_vsi_in_vlan check into i40e_put_mac_in_vlan (bsc#1039915). - i40e: implement __i40e_del_filter and use where applicable (bsc#1039915). - i40e: make use of __dev_uc_sync and __dev_mc_sync (bsc#1039915). - i40e: move all updates for VLAN mode into i40e_sync_vsi_filters (bsc#1039915). - i40e: move i40e_put_mac_in_vlan and i40e_del_mac_all_vlan (bsc#1039915). - i40e: no need to check is_vsi_in_vlan before calling i40e_del_mac_all_vlan (bsc#1039915). - i40e: properly cleanup on allocation failure in i40e_sync_vsi_filters (bsc#1039915). - i40e: recalculate vsi->active_filters from hash contents (bsc#1039915). - i40e: refactor Rx filter handling (bsc#1039915). - i40e: refactor i40e_put_mac_in_vlan to avoid changing f->vlan (bsc#1039915). - i40e: refactor i40e_update_filter_state to avoid passing aq_err (bsc#1039915). - i40e: remove code to handle dev_addr specially (bsc#1039915). - i40e: remove duplicate add/delete adminq command code for filters (bsc#1039915). - i40e: remove second check of VLAN_N_VID in i40e_vlan_rx_add_vid (bsc#1039915). - i40e: removed unreachable code (bsc#1039915). - i40e: rename i40e_put_mac_in_vlan and i40e_del_mac_all_vlan (bsc#1039915). - i40e: restore workaround for removing default MAC filter (bsc#1039915). - i40e: set broadcast promiscuous mode for each active VLAN (bsc#1039915). - i40e: store MAC/VLAN filters in a hash with the MAC Address as key (bsc#1039915). - i40e: use (add|rm)_vlan_all_mac helper functions when changing PVID (bsc#1039915). - i40e: when adding or removing MAC filters, correctly handle VLANs (bsc#1039915). - i40e: write HENA for VFs (bsc#1039915). - ibmvnic: Check for transport event on driver resume (bsc#1051556, bsc#1052709). - ibmvnic: Clean up resources on probe failure (bsc#1058116). - ibmvnic: Initialize SCRQ's during login renegotiation (bsc#1052223). - ibmvnic: Report rx buffer return codes as netdev_dbg (bsc#1052794). - iio: hid-sensor: fix return of -EINVAL on invalid values in ret or value (bsc#1031717). - introduce the walk_process_tree() helper (bnc#1022476). - iommu/amd: Fix schedule-while-atomic BUG in initialization code (bsc1052533). - ipv4: Should use consistent conditional judgement for ip fragment in __ip_append_data and ip_finish_output (bsc#1041958). - ipv6: Should use consistent conditional judgement for ip6 fragment between __ip6_append_data and ip6_finish_output (bsc#1041958). - iwlwifi: missing error code in iwl_trans_pcie_alloc() (bsc#1031717). - iwlwifi: mvm: compare full command ID. - iwlwifi: mvm: do not send CTDP commands via debugfs if not supported (bsc#1031717). - iwlwifi: mvm: reset the fw_dump_desc pointer after ASSERT (bsc#1031717). - iwlwifi: mvm: synchronize firmware DMA paging memory. - iwlwifi: mvm: unconditionally stop device after init (bsc#1031717). - iwlwifi: mvm: unmap the paging memory before freeing it. - iwlwifi: pcie: fix command completion name debug (bsc#1031717). - kABI-fix for 'x86/panic: replace smp_send_stop() with kdump friendly version in panic path' (bsc#1051478). - kernel/*: switch to memdup_user_nul() (bsc#1048893). - kvm: nVMX: Fix nested_vmx_check_msr_bitmap_controls (bsc#1051478). - lib: test_rhashtable: Fix KASAN warning (bsc#1055359). - lib: test_rhashtable: fix for large entry counts (bsc#1055359). - libnvdimm, pmem: fix a NULL pointer BUG in nd_pmem_notify (bsc#1023175). - libnvdimm: fix badblock range handling of ARS range (bsc#1023175). - lightnvm: nvme reset_controller is not working after adapter's firmware upgrade (bsc#988784). - lightnvm: remove unused rq parameter of nvme_nvm_rqtocmd() to kill warning. - mac80211_hwsim: Replace bogus hrtimer clockid (bsc#1047651). - md/raid5: fix a race condition in stripe batch (linux-stable). - mm, madvise: ensure poisoned pages are removed from per-cpu lists (VM hw poison -- git fixes). - mm-adaptive-hash-table-scaling-v5 (bnc#1036303). - mm/page_alloc.c: apply gfp_allowed_mask before the first allocation attempt (bnc#971975 VM -- git fixes). - mm: adaptive hash table scaling (bnc#1036303). - mm: call page_ext_init() after all struct pages are initialized (VM Debugging Functionality, bsc#1047048). - mm: drop HASH_ADAPT (bnc#1036303). - mm: fix classzone_idx underflow in shrink_zones() (VM Functionality, bsc#1042314). - mm: make PR_SET_THP_DISABLE immediately active (bnc#1048891). - mptsas: Fixup device hotplug for VMWare ESXi (bsc#1030850). - mwifiex: do not update MCS set from hostapd (bsc#1031717). - net/mlx5: Fix driver load error flow when firmware is stuck (git-fixes). - net: account for current skb length when deciding about UFO (bsc#1041958). - net: ena: add hardware hints capability to the driver (bsc#1047121). - net: ena: add missing return when ena_com_get_io_handlers() fails (bsc#1047121). - net: ena: add missing unmap bars on device removal (bsc#1047121). - net: ena: add reset reason for each device FLR (bsc#1047121). - net: ena: add support for out of order rx buffers refill (bsc#1047121). - net: ena: allow the driver to work with small number of msix vectors (bsc#1047121). - net: ena: bug fix in lost tx packets detection mechanism (bsc#1047121). - net: ena: change return value for unsupported features unsupported return value (bsc#1047121). - net: ena: change sizeof() argument to be the type pointer (bsc#1047121). - net: ena: disable admin msix while working in polling mode (bsc#1047121). - net: ena: fix bug that might cause hang after consecutive open/close interface (bsc#1047121). - net: ena: fix race condition between submit and completion admin command (bsc#1047121). - net: ena: fix rare uncompleted admin command false alarm (bsc#1047121). - net: ena: fix theoretical Rx hang on low memory systems (bsc#1047121). - net: ena: separate skb allocation to dedicated function (bsc#1047121). - net: ena: update driver's rx drop statistics (bsc#1047121). - net: ena: update ena driver to version 1.1.7 (bsc#1047121). - net: ena: update ena driver to version 1.2.0 (bsc#1047121). - net: ena: use lower_32_bits()/upper_32_bits() to split dma address (bsc#1047121). - net: ena: use napi_schedule_irqoff when possible (bsc#1047121). - net: handle NAPI_GRO_FREE_STOLEN_HEAD case also in napi_frags_finish() (bsc#1042286). - net: phy: Do not perform software reset for Generic PHY (bsc#1042286). - netfilter: fix IS_ERR_VALUE usage (bsc#1052888). - netfilter: x_tables: pack percpu counter allocations (bsc#1052888). - netfilter: x_tables: pass xt_counters struct instead of packet counter (bsc#1052888). - netfilter: x_tables: pass xt_counters struct to counter allocator (bsc#1052888). - new helper: memdup_user_nul() (bsc#1048893). - ocfs2: Do not clear SGID when inheriting ACLs (bsc#1030552). - ocfs2: Make ocfs2_set_acl() static (bsc#1030552). - ocfs2: fix deadlock caused by recursive locking in xattr (bsc#1012829). - of: fix '/cpus' reference leak in of_numa_parse_cpu_nodes() (bsc#1056827). - ovl: fix dentry leak for default_permissions (bsc#1054084). - percpu_ref: allow operation mode switching operations to be called concurrently (bsc#1055096). - percpu_ref: remove unnecessary RCU grace period for staggered atomic switching confirmation (bsc#1055096). - percpu_ref: reorganize __percpu_ref_switch_to_atomic() and relocate percpu_ref_switch_to_atomic() (bsc#1055096). - percpu_ref: restructure operation mode switching (bsc#1055096). - percpu_ref: unify staggered atomic switching wait behavior (bsc#1055096). - perf/x86/intel: Cure bogus unwind from PEBS entries (bsc#1051478). - perf/x86/intel: Fix PEBSv3 record drain (bsc#1051478). - perf/x86: Fix spurious NMI with PEBS Load Latency event (bsc#1051478). - platform/x86: ideapad-laptop: Add IdeaPad 310-15IKB to no_hw_rfkill (bsc#1051022). - platform/x86: ideapad-laptop: Add IdeaPad V310-15ISK to no_hw_rfkill (bsc#1051022). - platform/x86: ideapad-laptop: Add IdeaPad V510-15IKB to no_hw_rfkill (bsc#1051022). - platform/x86: ideapad-laptop: Add Lenovo Yoga 910-13IKB to no_hw_rfkill dmi list (bsc#1051022). - platform/x86: ideapad-laptop: Add Y520-15IKBN to no_hw_rfkill (bsc#1051022). - platform/x86: ideapad-laptop: Add Y700 15-ACZ to no_hw_rfkill DMI list (bsc#1051022). - platform/x86: ideapad-laptop: Add Y720-15IKBN to no_hw_rfkill (bsc#1051022). - platform/x86: ideapad-laptop: Add several models to no_hw_rfkill (bsc#1051022). - prctl: propagate has_child_subreaper flag to every descendant (bnc#1022476). - qeth: fix L3 next-hop im xmit qeth hdr (bnc#1052773, LTC#157374). - reiserfs: Do not clear SGID when inheriting ACLs (bsc#1030552). - rpm/kernel-binary.spec.in: find-debuginfo.sh should not touch build-id This needs rpm-4.14+ (bsc#964063). - rtnetlink: fix rtnl_vfinfo_size (bsc#1056261). - s390: export symbols for crash-kmp (bsc#1053915). - sched/core: Allow __sched_setscheduler() in interrupts when PI is not used (bnc#1022476). - sched/debug: Print the scheduler topology group mask (bnc#1022476). - sched/fair, cpumask: Export for_each_cpu_wrap() (bnc#1022476). - sched/fair: Fix O(nr_cgroups) in load balance path (bnc#1022476). - sched/fair: Use task_groups instead of leaf_cfs_rq_list to walk all cfs_rqs (bnc#1022476). - sched/topology: Add sched_group_capacity debugging (bnc#1022476). - sched/topology: Fix building of overlapping sched-groups (bnc#1022476). - sched/topology: Fix overlapping sched_group_capacity (bnc#1022476). - sched/topology: Move comment about asymmetric node setups (bnc#1022476). - sched/topology: Refactor function build_overlap_sched_groups() (bnc#1022476). - sched/topology: Remove FORCE_SD_OVERLAP (bnc#1022476). - sched/topology: Simplify build_overlap_sched_groups() (bnc#1022476). - sched/topology: Small cleanup (bnc#1022476). - sched/topology: Verify the first group matches the child domain (bnc#1022476). - scsi: Add STARGET_CREATE_REMOVE state to scsi_target_state (bsc#1013887). - scsi: bnx2i: missing error code in bnx2i_ep_connect() (bsc#1048221). - scsi: kABI fix for new state STARGET_CREATED_REMOVE (bsc#1013887). - scsi: storvsc: Workaround for virtual DVD SCSI version (bnc#1044636). - scsi_devinfo: fixup string compare (bsc#1037404). - scsi_dh_alua: suppress errors from unsupported devices (bsc#1038792). - smsc75xx: use skb_cow_head() to deal with cloned skbs (bsc#1045154). - sr9700: use skb_cow_head() to deal with cloned skbs (bsc#1045154). - supported.conf: clear mistaken external support flag for cifs.ko (bsc#1053802). - sysctl: do not print negative flag for proc_douintvec (bnc#1046985). - sysctl: fix lax sysctl_check_table() sanity check (bsc#1048893). - sysctl: fold sysctl_writes_strict checks into helper (bsc#1048893). - sysctl: kdoc'ify sysctl_writes_strict (bsc#1048893). - sysctl: simplify unsigned int support (bsc#1048893). - timers: Plug locking race vs. timer migration (bnc#1022476). - tpm: Issue a TPM2_Shutdown for TPM2 devices (bsc#1053117). - tpm: KABI fix (bsc#1053117). - tpm: fix: return rc when devm_add_action() fails (bsc#1020645, bsc#1034048). - tpm: read burstcount from TPM_STS in one 32-bit transaction (bsc#1020645, bsc#1034048). - tpm_tis_core: Choose appropriate timeout for reading burstcount (bsc#1020645, bsc#1034048). - tpm_tis_core: convert max timeouts from msec to jiffies (bsc#1020645, bsc#1034048). - tty: serial: msm: Support more bauds (git-fixes). - ubifs: Correctly evict xattr inodes (bsc#1012829). - ubifs: Do not leak kernel memory to the MTD (bsc#1012829). - udf: Fix deadlock between writeback and udf_setsize() (bsc#1012829). - udf: Fix races with i_size changes during readpage (bsc#1012829). - vfs: fix missing inode_get_dev sites (bsc#1052049). - x86/LDT: Print the real LDT base address (bsc#1051478). - x86/dmi: Switch dmi_remap() from ioremap() to ioremap_cache() (bsc#1051399). - x86/mce: Make timer handling more robust (bsc#1042422). - x86/panic: replace smp_send_stop() with kdump friendly version in panic path (bsc#1051478). - xen-netfront: Rework the fix for Rx stall during OOM and network stress (git-fixes). - xen/balloon: do not online new memory initially (bnc#1028173). - xen/pvh*: Support greater than 32 VCPUs at domain restore (bnc#1045563). - xen: allocate page for shared info page from low memory (bnc#1038616). - xen: hold lock_device_hotplug throughout vcpu hotplug operations (bsc#1042422). - xfrm: NULL dereference on allocation failure (bsc#1047343). - xfrm: Oops on error in pfkey_msg2xfrm_state() (bsc#1047653). - xfs: Do not clear SGID when inheriting ACLs (bsc#1030552). - xfs: do not BUG() on mixed direct and mapped I/O (bsc#1050188). - xfs: fix inobt inode allocation search optimization (bsc#1012829).

Patchnames: SUSE-SLE-RT-12-SP2-2017-1833

CVE-2017-1000111

7.4 (High)


                        
                          CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-1000112

7.4 (High)


                        
                          CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-1000251

8.8 (High)


                        
                          CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-1000252

4.7 (Medium)


                        
                          CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-1000365

2.9 (Low)


                        
                          CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2017-10810

5.1 (Medium)


                        
                          CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-11472

2.9 (Low)


                        
                          CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix

Threats

Impact low

CVE-2017-11473

6.4 (Medium)


                        
                          CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-12134

8.1 (High)


                        
                          CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-12154

5.6 (Medium)


                        
                          CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-14051

6.4 (Medium)


                        
                          CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-14106

5.5 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-7518

5.3 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-7533

7.4 (High)


                        
                          CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2017-7541

6.2 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-7542

6.2 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix

Threats

Impact moderate

CVE-2017-8831

6.7 (Medium)


                        
                          CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 12 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64	—	Vendor Fix
Unresolved product id: SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64	—	Vendor Fix

Threats

Impact moderate

References

215 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-security-upd…	self
https://bugzilla.suse.com/1005917	self
https://bugzilla.suse.com/1006180	self
https://bugzilla.suse.com/1011913	self
https://bugzilla.suse.com/1012382	self
https://bugzilla.suse.com/1012829	self
https://bugzilla.suse.com/1013887	self
https://bugzilla.suse.com/1018419	self
https://bugzilla.suse.com/1019151	self
https://bugzilla.suse.com/1020645	self
https://bugzilla.suse.com/1020657	self
https://bugzilla.suse.com/1020685	self
https://bugzilla.suse.com/1021424	self
https://bugzilla.suse.com/1022476	self
https://bugzilla.suse.com/1022743	self
https://bugzilla.suse.com/1023175	self
https://bugzilla.suse.com/1024405	self
https://bugzilla.suse.com/1028173	self
https://bugzilla.suse.com/1028286	self
https://bugzilla.suse.com/1028819	self
https://bugzilla.suse.com/1029693	self
https://bugzilla.suse.com/1030552	self
https://bugzilla.suse.com/1030850	self
https://bugzilla.suse.com/1031515	self
https://bugzilla.suse.com/1031717	self
https://bugzilla.suse.com/1031784	self
https://bugzilla.suse.com/1033587	self
https://bugzilla.suse.com/1034048	self
https://bugzilla.suse.com/1034075	self
https://bugzilla.suse.com/1034762	self
https://bugzilla.suse.com/1036303	self
https://bugzilla.suse.com/1036632	self
https://bugzilla.suse.com/1037344	self
https://bugzilla.suse.com/1037404	self
https://bugzilla.suse.com/1037994	self
https://bugzilla.suse.com/1038078	self
https://bugzilla.suse.com/1038583	self
https://bugzilla.suse.com/1038616	self
https://bugzilla.suse.com/1038792	self
https://bugzilla.suse.com/1038846	self
https://bugzilla.suse.com/1038847	self
https://bugzilla.suse.com/1039354	self
https://bugzilla.suse.com/1039915	self
https://bugzilla.suse.com/1040307	self
https://bugzilla.suse.com/1040351	self
https://bugzilla.suse.com/1041958	self
https://bugzilla.suse.com/1042286	self
https://bugzilla.suse.com/1042314	self
https://bugzilla.suse.com/1042422	self
https://bugzilla.suse.com/1042778	self
https://bugzilla.suse.com/1043652	self
https://bugzilla.suse.com/1044112	self
https://bugzilla.suse.com/1044636	self
https://bugzilla.suse.com/1045154	self
https://bugzilla.suse.com/1045563	self
https://bugzilla.suse.com/1045922	self
https://bugzilla.suse.com/1046682	self
https://bugzilla.suse.com/1046821	self
https://bugzilla.suse.com/1046985	self
https://bugzilla.suse.com/1047027	self
https://bugzilla.suse.com/1047048	self
https://bugzilla.suse.com/1047096	self
https://bugzilla.suse.com/1047118	self
https://bugzilla.suse.com/1047121	self
https://bugzilla.suse.com/1047152	self
https://bugzilla.suse.com/1047277	self
https://bugzilla.suse.com/1047343	self
https://bugzilla.suse.com/1047354	self
https://bugzilla.suse.com/1047487	self
https://bugzilla.suse.com/1047651	self
https://bugzilla.suse.com/1047653	self
https://bugzilla.suse.com/1047670	self
https://bugzilla.suse.com/1048155	self
https://bugzilla.suse.com/1048221	self
https://bugzilla.suse.com/1048317	self
https://bugzilla.suse.com/1048891	self
https://bugzilla.suse.com/1048893	self
https://bugzilla.suse.com/1048914	self
https://bugzilla.suse.com/1048934	self
https://bugzilla.suse.com/1049226	self
https://bugzilla.suse.com/1049483	self
https://bugzilla.suse.com/1049486	self
https://bugzilla.suse.com/1049580	self
https://bugzilla.suse.com/1049603	self
https://bugzilla.suse.com/1049645	self
https://bugzilla.suse.com/1049882	self
https://bugzilla.suse.com/1050061	self
https://bugzilla.suse.com/1050188	self
https://bugzilla.suse.com/1051022	self
https://bugzilla.suse.com/1051059	self
https://bugzilla.suse.com/1051239	self
https://bugzilla.suse.com/1051399	self
https://bugzilla.suse.com/1051478	self
https://bugzilla.suse.com/1051479	self
https://bugzilla.suse.com/1051556	self
https://bugzilla.suse.com/1051663	self
https://bugzilla.suse.com/1051790	self
https://bugzilla.suse.com/1052049	self
https://bugzilla.suse.com/1052223	self
https://bugzilla.suse.com/1052311	self
https://bugzilla.suse.com/1052365	self
https://bugzilla.suse.com/1052533	self
https://bugzilla.suse.com/1052580	self
https://bugzilla.suse.com/1052709	self
https://bugzilla.suse.com/1052773	self
https://bugzilla.suse.com/1052794	self
https://bugzilla.suse.com/1052888	self
https://bugzilla.suse.com/1053117	self
https://bugzilla.suse.com/1053802	self
https://bugzilla.suse.com/1053915	self
https://bugzilla.suse.com/1054084	self
https://bugzilla.suse.com/1055013	self
https://bugzilla.suse.com/1055096	self
https://bugzilla.suse.com/1055359	self
https://bugzilla.suse.com/1056261	self
https://bugzilla.suse.com/1056588	self
https://bugzilla.suse.com/1056827	self
https://bugzilla.suse.com/1056982	self
https://bugzilla.suse.com/1057015	self
https://bugzilla.suse.com/1057389	self
https://bugzilla.suse.com/1058038	self
https://bugzilla.suse.com/1058116	self
https://bugzilla.suse.com/1058507	self
https://bugzilla.suse.com/963619	self
https://bugzilla.suse.com/964063	self
https://bugzilla.suse.com/964944	self
https://bugzilla.suse.com/971975	self
https://bugzilla.suse.com/974215	self
https://bugzilla.suse.com/981309	self
https://bugzilla.suse.com/988784	self
https://bugzilla.suse.com/993890	self
https://www.suse.com/security/cve/CVE-2017-1000111/	self
https://www.suse.com/security/cve/CVE-2017-1000112/	self
https://www.suse.com/security/cve/CVE-2017-1000251/	self
https://www.suse.com/security/cve/CVE-2017-1000252/	self
https://www.suse.com/security/cve/CVE-2017-1000365/	self
https://www.suse.com/security/cve/CVE-2017-10810/	self
https://www.suse.com/security/cve/CVE-2017-11472/	self
https://www.suse.com/security/cve/CVE-2017-11473/	self
https://www.suse.com/security/cve/CVE-2017-12134/	self
https://www.suse.com/security/cve/CVE-2017-12154/	self
https://www.suse.com/security/cve/CVE-2017-14051/	self
https://www.suse.com/security/cve/CVE-2017-14106/	self
https://www.suse.com/security/cve/CVE-2017-7518/	self
https://www.suse.com/security/cve/CVE-2017-7533/	self
https://www.suse.com/security/cve/CVE-2017-7541/	self
https://www.suse.com/security/cve/CVE-2017-7542/	self
https://www.suse.com/security/cve/CVE-2017-8831/	self
https://www.suse.com/security/cve/CVE-2017-1000111	external
https://bugzilla.suse.com/1052365	external
https://bugzilla.suse.com/1052367	external
https://www.suse.com/security/cve/CVE-2017-1000112	external
https://bugzilla.suse.com/1052311	external
https://bugzilla.suse.com/1052365	external
https://bugzilla.suse.com/1052368	external
https://bugzilla.suse.com/1072117	external
https://bugzilla.suse.com/1072162	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-1000251	external
https://bugzilla.suse.com/1057389	external
https://bugzilla.suse.com/1057950	external
https://bugzilla.suse.com/1070535	external
https://bugzilla.suse.com/1072117	external
https://bugzilla.suse.com/1072162	external
https://bugzilla.suse.com/1120758	external
https://www.suse.com/security/cve/CVE-2017-1000252	external
https://bugzilla.suse.com/1058038	external
https://www.suse.com/security/cve/CVE-2017-1000365	external
https://bugzilla.suse.com/1037551	external
https://bugzilla.suse.com/1039346	external
https://bugzilla.suse.com/1039349	external
https://bugzilla.suse.com/1039354	external
https://bugzilla.suse.com/1054557	external
https://bugzilla.suse.com/1077345	external
https://www.suse.com/security/cve/CVE-2017-10810	external
https://bugzilla.suse.com/1047277	external
https://www.suse.com/security/cve/CVE-2017-11472	external
https://bugzilla.suse.com/1049580	external
https://bugzilla.suse.com/1087082	external
https://www.suse.com/security/cve/CVE-2017-11473	external
https://bugzilla.suse.com/1049603	external
https://bugzilla.suse.com/1061680	external
https://bugzilla.suse.com/1087082	external
https://bugzilla.suse.com/1115893	external
https://www.suse.com/security/cve/CVE-2017-12134	external
https://bugzilla.suse.com/1051790	external
https://bugzilla.suse.com/1053919	external
https://www.suse.com/security/cve/CVE-2017-12154	external
https://bugzilla.suse.com/1058038	external
https://bugzilla.suse.com/1058507	external
https://www.suse.com/security/cve/CVE-2017-14051	external
https://bugzilla.suse.com/1056588	external
https://www.suse.com/security/cve/CVE-2017-14106	external
https://bugzilla.suse.com/1056982	external
https://www.suse.com/security/cve/CVE-2017-7518	external
https://bugzilla.suse.com/1045922	external
https://bugzilla.suse.com/1087082	external
https://www.suse.com/security/cve/CVE-2017-7533	external
https://bugzilla.suse.com/1049483	external
https://bugzilla.suse.com/1050677	external
https://bugzilla.suse.com/1050751	external
https://bugzilla.suse.com/1053919	external
https://www.suse.com/security/cve/CVE-2017-7541	external
https://bugzilla.suse.com/1049645	external
https://www.suse.com/security/cve/CVE-2017-7542	external
https://bugzilla.suse.com/1049882	external
https://bugzilla.suse.com/1061936	external
https://www.suse.com/security/cve/CVE-2017-8831	external
https://bugzilla.suse.com/1037994	external
https://bugzilla.suse.com/1061936	external
https://bugzilla.suse.com/1087082	external
https://bugzilla.suse.com/1115893	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThe SUSE Linux Enterprise 12 SP2 RT kernel was updated to 4.4.88 to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2017-1000365: The Linux Kernel imposes a size restriction on the\n  arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY\n  (1/4 of the size), but did not take the argument and environment pointers into\n  account, which allowed attackers to bypass this limitation (bnc#1039354)\n- CVE-2017-1000112: Prevent race condition in net-packet code that could have\n  been exploited by unprivileged users to gain root access. (bnc#1052311)\n- CVE-2017-1000251: The native Bluetooth stack was vulnerable to a stack\n  overflow vulnerability in the processing of L2CAP configuration\n  responses resulting in remote code execution in kernel space (bnc#1057389)\n- CVE-2017-14051: An integer overflow in the qla2x00_sysfs_write_optrom_ctl\n  function in drivers/scsi/qla2xxx/qla_attr.c allowed local users to cause a\n  denial of service (memory corruption and system crash) by leveraging root\n  access (bnc#1056588)\n- CVE-2017-8831: The saa7164_bus_get function allowed local users to cause a\n  denial of service (out-of-bounds array access) or possibly have unspecified\n  other impact by changing a certain sequence-number value, aka a \u0027double fetch\u0027\n  vulnerability (bnc#1037994)\n- CVE-2017-1000252: Wrong gsi values via KVM_IRQFD allowed unprivileged users\n  using KVM to cause DoS on Intel systems (bsc#1058038).\n- CVE-2017-1000111: Prevent in packet_set_ring on PACKET_RESERVE (bsc#1052365).\n- CVE-2017-10810: Memory leak in the virtio_gpu_object_create function in\n  drivers/gpu/drm/virtio/virtgpu_object.c allowed attackers to cause a denial of\n  service (memory consumption) by triggering object-initialization failures\n  (bnc#1047277).\n- CVE-2017-11472: The acpi_ns_terminate() function did not flush the operand\n  cache and causes a kernel stack dump, which allowed local users to obtain\n  sensitive information from kernel memory and bypass the KASLR protection\n  mechanism via a crafted ACPI table (bnc#1049580).\n- CVE-2017-11473: Buffer overflow in the mp_override_legacy_irq() function\n  allowed local users to gain privileges via a crafted ACPI table (bnc#1049603).\n- CVE-2017-12134: The xen_biovec_phys_mergeable function might have allow local\n  OS guest users to corrupt block device data streams and consequently obtain\n  sensitive memory information, cause a denial of service, or gain host OS\n  privileges by leveraging incorrect block IO merge-ability calculation\n  (bnc#1051790).\n- CVE-2017-12154: L2 guest could have accessed hardware(L0) CR8 register and\n  crashed the host system (bsc#1058507).\n- CVE-2017-14106: The tcp_disconnect function allowed local users to cause a\n  denial of service (__tcp_select_window divide-by-zero error and system crash)\n  by triggering a disconnect within a certain tcp_recvmsg code path (bnc#1056982).\n- CVE-2017-7518: Faulty debug exception via syscall emulation allowed non-linux\n  guests to escalate their privileges in the guest (bsc#1045922).\n- CVE-2017-7533: Race condition in the fsnotify implementation allowed local\n  users to gain privileges or cause a denial of service (memory corruption) via a\n  crafted application that leverages simultaneous execution of the\n  inotify_handle_event and vfs_rename functions (bsc#1049483).\n- CVE-2017-7541: The brcmf_cfg80211_mgmt_tx function allowed local users to\n  cause a denial of service (buffer overflow and system crash) or possibly gain\n  privileges via a crafted NL80211_CMD_FRAME Netlink packet (bsc#1049645).\n- CVE-2017-7542: The ip6_find_1stfragopt function allowed local users to cause\n  a denial of service (integer overflow and infinite loop) by leveraging the\n  ability to open a raw socket (bsc#1049882).\n\nThe following non-security bugs were fixed:\n\n- ACPI / processor: Avoid reserving IO regions too early (bsc#1051478).\n- ACPI / scan: Prefer devices without _HID for _ADR matching.\n- ALSA: fm801: Initialize chip after IRQ handler is registered (bsc#1031717).\n- ALSA: hda - Add stereo mic quirk for Lenovo G50-70 (17aa:3978) (bsc#1020657).\n- ALSA: hda - Fix endless loop of codec configure (bsc#1031717).\n- ALSA: hda - Implement mic-mute LED mode enum (bsc#1055013).\n- ALSA: hda - set input_path bitmap to zero after moving it to new place (bsc#1031717).\n- ALSA: hda/realtek - Add support headphone Mic for ALC221 of HP platform (bsc#1024405).\n- ALSA: ice1712: Add support for STAudio ADCIII (bsc#1048934).\n- ALSA: usb-audio: Apply sample rate quirk to Sennheiser headset (bsc#1052580).\n- Add \u0027shutdown\u0027 to \u0027struct class\u0027 (bsc#1053117).\n- Bluetooth: bnep: fix possible might sleep error in bnep_session (bsc#1031784).\n- Bluetooth: cmtp: fix possible might sleep error in cmtp_session (bsc#1031784).\n- Bluetooth: hidp: fix possible might sleep error in hidp_session_thread (bsc#1031784).\n- Drivers: hv: Fix the bug in generating the guest ID.\n- Drivers: hv: util: Fix a typo.\n- Drivers: hv: vmbus: Get the current time from the current clocksource (bnc#1044112, bnc#1042778, bnc#1029693).\n- Drivers: hv: vmbus: Move the code to signal end of message.\n- Drivers: hv: vmbus: Move the definition of generate_guest_id().\n- Drivers: hv: vmbus: Move the definition of hv_x64_msr_hypercall_contents.\n- Drivers: hv: vmbus: Restructure the clockevents code.\n- Fix kABI breakage by KVM CVE fix (bsc#1045922).\n- IB/hfi1: Wait for QSFP modules to initialize (bsc#1019151).\n- Input: gpio-keys - fix check for disabling unsupported keys (bsc#1031717).\n- KVM: nVMX: Fix nested VPID vmx exec control (bsc#1051478).\n- KVM: nVMX: fix msr bitmaps to prevent L2 from accessing L0 x2APIC (bsc#1051478).\n- KVM: x86: avoid simultaneous queueing of both IRQ and SMI (bsc#1051478).\n- MD: fix sleep in atomic (bsc#1040351).\n- More Git-commit header fixups No functional change intended.\n- NFS: Cache aggressively when file is open for writing (bsc#1033587).\n- NFS: Do not flush caches for a getattr that races with writeback (bsc#1033587).\n- NFS: flush data when locking a file to ensure cache coherence for mmap (bsc#981309).\n- NFS: invalidate file size when taking a lock (git-fixes).\n- NFS: only invalidate dentrys that are clearly invalid (bsc#1047118).\n- PCI / PM: Fix native PME handling during system suspend/resume (bsc#1051478).\n- PCI: Add Mellanox device IDs (bsc#1051478).\n- PCI: Convert Mellanox broken INTx quirks to be for listed devices only (bsc#1051478).\n- PCI: Correct PCI_STD_RESOURCE_END usage (bsc#1051478).\n- PCI: Enable ECRC only if device supports it (bsc#1051478).\n- PCI: Support INTx masking on ConnectX-4 with firmware x.14.1100+ (bsc#1051478).\n- PCI: dwc: Fix uninitialized variable in dw_handle_msi_irq() (bsc#1051478).\n- PCI: dwc: dra7xx: Use RW1C for IRQSTATUS_MSI and IRQSTATUS_MAIN (bsc#1051478).\n- PM / Hibernate: Fix scheduling while atomic during hibernation (bsc#1051059).\n- Revert \u0027/proc/iomem: only expose physical resource addresses to privileged users\u0027 (kabi).\n- Revert \u0027ACPI / video: Add force_native quirk for HP Pavilion dv6\u0027 (bsc#1031717).\n- Revert \u0027Add \u0027shutdown\u0027 to \u0027struct class\u0027.\u0027 (kabi).\n- Revert \u0027KVM: x86: fix emulation of RSM and IRET instructions\u0027 (kabi).\n- Revert \u0027Make file credentials available to the seqfile interfaces\u0027 (kabi).\n- Revert \u0027mm/list_lru.c: fix list_lru_count_node() to be race free\u0027 (kabi).\n- Revert \u0027powerpc/numa: Fix percpu allocations to be NUMA aware\u0027 (bsc#1048914).\n- Revert \u0027tpm: Issue a TPM2_Shutdown for TPM2 devices.\u0027 (kabi).\n- USB: core: fix device node leak (bsc#1047487).\n- Update kabi files: sync with 4.4.74 updates\n- af_key: Add lock to key dump (bsc#1047653).\n- af_key: Fix slab-out-of-bounds in pfkey_compile_policy (bsc#1047354).\n- b43: Add missing MODULE_FIRMWARE() (bsc#1037344).\n- bcache: force trigger gc (bsc#1038078).\n- bcache: force trigger gc (bsc#1038078).\n- bcache: only recovery I/O error for writethrough mode (bsc#1043652).\n- bcache: only recovery I/O error for writethrough mode (bsc#1043652).\n- bdi: Fix use-after-free in wb_congested_put() (bsc#1040307).\n- blacklist.conf: 9eeacd3a2f17 not a bug fix (bnc#1050061)\n- blacklist.conf: Blacklist c133c7615751 (\u0027x86/nmi: Fix timeout test in test_nmi_ipi()\u0027) It only fixes a self-test (bsc#1051478).\n- blacklist.conf: Blacklist c9525a3fab63 (\u0027x86/watchdog: Fix Kconfig help text file path reference to lockup watchdog documentation\u0027) Updates only kconfig help-text (bsc#1051478).\n- blacklist.conf: add inapplicable commits for wifi (bsc#1031717)\n- blacklist.conf: add unapplicable drm fixes (bsc#1031717).\n- blacklist.conf: add unapplicable/cosmetic iwlwifi fixes (bsc#1031717).\n- blkfront: add uevent for size change (bnc#1036632).\n- block: Allow bdi re-registration (bsc#1040307).\n- block: Fix front merge check (bsc#1051239).\n- block: Make del_gendisk() safer for disks without queues (bsc#1040307).\n- block: Move bdi_unregister() to del_gendisk() (bsc#1040307).\n- block: do not allow updates through sysfs until registration completes (bsc#1047027).\n- bnxt: add a missing rcu synchronization (bnc#1038583).\n- bnxt: do not busy-poll when link is down (bnc#1038583).\n- bnxt_en: Enable MRU enables bit when configuring VNIC MRU (bnc#1038583).\n- bnxt_en: Fix \u0027uninitialized variable\u0027 bug in TPA code path (bnc#1038583).\n- bnxt_en: Fix NULL pointer dereference in a failure path during open (bnc#1038583).\n- bnxt_en: Fix NULL pointer dereference in reopen failure path (bnc#1038583).\n- bnxt_en: Fix TX push operation on ARM64 (bnc#1038583).\n- bnxt_en: Fix VF virtual link state (bnc#1038583).\n- bnxt_en: Fix a VXLAN vs GENEVE issue (bnc#1038583).\n- bnxt_en: Fix and clarify link_info-\u003eadvertising (bnc#1038583).\n- bnxt_en: Fix ring arithmetic in bnxt_setup_tc() (bnc#1038583).\n- bnxt_en: Pad TX packets below 52 bytes (bnc#1038583).\n- bnxt_en: Refactor TPA code path (bnc#1038583).\n- bnxt_en: fix pci cleanup in bnxt_init_one() failure path (bnc#1038583).\n- bnxt_en: initialize rc to zero to avoid returning garbage (bnc#1038583).\n- brcmfmac: Fix glom_skb leak in brcmf_sdiod_recv_chain (bsc#1031717).\n- btrfs: Add WARN_ON for qgroup reserved underflow (bsc#1031515).\n- btrfs: Do not clear SGID when inheriting ACLs (bsc#1030552).\n- btrfs: add cond_resched to btrfs_qgroup_trace_leaf_items (bsc#1028286).\n- btrfs: fix early ENOSPC due to delalloc (bsc#1049226).\n- btrfs: fix lockup in find_free_extent with read-only block groups (bsc#1046682).\n- btrfs: incremental send, fix invalid path for link commands (bsc#1051479).\n- btrfs: incremental send, fix invalid path for unlink commands (bsc#1051479).\n- btrfs: resume qgroup rescan on rw remount (bsc#1047152).\n- btrfs: send, fix invalid path after renaming and linking file (bsc#1051479).\n- ceph: fix readpage from fscache (bsc#1057015).\n- cpuidle: dt: Add missing \u0027of_node_put()\u0027 (bnc#1022476).\n- crypto: s5p-sss - fix incorrect usage of scatterlists api (bsc#1048317).\n- cx82310_eth: use skb_cow_head() to deal with cloned skbs (bsc# 1045154).\n- cxgb4: Fix stack out-of-bounds read due to wrong size to t4_record_mbox() (bsc#1021424 bsc#1022743).\n- cxl: Unlock on error in probe (bsc#1034762, Pending SUSE Kernel Fixes).\n- dentry name snapshots (bsc#1049483).\n- dm: fix second blk_delay_queue() parameter to be in msec units not (bsc#1047670).\n- drivers: hv: vmbus: Increase the time between retries in vmbus_post_msg() (bnc#1044112).\n- drivers: net: xgene: Fix wrong logical operation (bsc#1056827).\n- drm/amdgpu: Fix overflow of watermark calcs at greater than 4k resolutions (bsc#1031717).\n- drm/bochs: Implement nomodeset (bsc#1047096).\n- drm/i915/fbdev: Stop repeating tile configuration on stagnation (bsc#1031717).\n- drm/i915: Fix scaler init during CRTC HW state readout (bsc#1031717).\n- drm/i915: Serialize GTT/Aperture accesses on BXT (bsc#1046821).\n- drm/virtio: do not leak bo on drm_gem_object_init failure (bsc#1047277).\n- drm/vmwgfx: Fix large topology crash (bsc#1048155).\n- drm/vmwgfx: Limit max desktop dimensions to 8Kx8K (bsc#1048155).\n- drm/vmwgfx: Support topology greater than texture size (bsc#1048155).\n- efi/libstub: Skip GOP with PIXEL_BLT_ONLY format (bnc#974215).\n- ext2: Do not clear SGID when inheriting ACLs (bsc#1030552).\n- ext4: Do not clear SGID when inheriting ACLs (bsc#1030552).\n- ext4: avoid unnecessary stalls in ext4_evict_inode() (bsc#1049486).\n- ext4: handle the rest of ext4_mb_load_buddy() ENOMEM errors (bsc#1012829).\n- fs/fcntl: f_setown, avoid undefined behaviour (bnc#1006180).\n- fuse: initialize the flock flag in fuse_file on allocation (git-fixes).\n- gcov: add support for gcc version greater than 6 (bsc#1051663).\n- gcov: support GCC 7.1 (bsc#1051663).\n- gfs2: Do not clear SGID when inheriting ACLs (bsc#1012829).\n- gfs2: fix flock panic issue (bsc#1012829).\n- hrtimer: Catch invalid clockids again (bsc#1047651).\n- hrtimer: Revert CLOCK_MONOTONIC_RAW support (bsc#1047651).\n- hv_util: switch to using timespec64.\n- hv_utils: drop .getcrosststamp() support from PTP driver (bnc#1044112, bnc#1042778, bnc#1029693).\n- hv_utils: fix TimeSync work on pre-TimeSync-v4 hosts (bnc#1044112, bnc#1042778, bnc#1029693).\n- i2c: designware-baytrail: fix potential null pointer dereference on dev (bsc#1011913).\n- i40e: Removal of workaround for simple MAC address filter deletion (bsc#1039915).\n- i40e: When searching all MAC/VLAN filters, ignore removed filters (bsc#1039915).\n- i40e: add VSI info to macaddr messages (bsc#1039915).\n- i40e: add hw struct local variable (bsc#1039915).\n- i40e: add private flag to control source pruning (bsc#1034075).\n- i40e: avoid O(n^2) loop when deleting all filters (bsc#1039915).\n- i40e: avoid looping to check whether we\u0027re in VLAN mode (bsc#1039915).\n- i40e: delete filter after adding its replacement when converting (bsc#1039915).\n- i40e: do not add broadcast filter for VFs (bsc#1039915).\n- i40e: do not allow i40e_vsi_(add|kill)_vlan to operate when VID lower than 1 (bsc#1039915).\n- i40e: drop is_vf and is_netdev fields in struct i40e_mac_filter (bsc#1039915).\n- i40e: enable VSI broadcast promiscuous mode instead of adding broadcast filter (bsc#1039915).\n- i40e: factor out addition/deletion of VLAN per each MAC address (bsc#1039915).\n- i40e: fix MAC filters when removing VLANs (bsc#1039915).\n- i40e: fold the i40e_is_vsi_in_vlan check into i40e_put_mac_in_vlan (bsc#1039915).\n- i40e: implement __i40e_del_filter and use where applicable (bsc#1039915).\n- i40e: make use of __dev_uc_sync and __dev_mc_sync (bsc#1039915).\n- i40e: move all updates for VLAN mode into i40e_sync_vsi_filters (bsc#1039915).\n- i40e: move i40e_put_mac_in_vlan and i40e_del_mac_all_vlan (bsc#1039915).\n- i40e: no need to check is_vsi_in_vlan before calling i40e_del_mac_all_vlan (bsc#1039915).\n- i40e: properly cleanup on allocation failure in i40e_sync_vsi_filters (bsc#1039915).\n- i40e: recalculate vsi-\u003eactive_filters from hash contents (bsc#1039915).\n- i40e: refactor Rx filter handling (bsc#1039915).\n- i40e: refactor i40e_put_mac_in_vlan to avoid changing f-\u003evlan (bsc#1039915).\n- i40e: refactor i40e_update_filter_state to avoid passing aq_err (bsc#1039915).\n- i40e: remove code to handle dev_addr specially (bsc#1039915).\n- i40e: remove duplicate add/delete adminq command code for filters (bsc#1039915).\n- i40e: remove second check of VLAN_N_VID in i40e_vlan_rx_add_vid (bsc#1039915).\n- i40e: removed unreachable code (bsc#1039915).\n- i40e: rename i40e_put_mac_in_vlan and i40e_del_mac_all_vlan (bsc#1039915).\n- i40e: restore workaround for removing default MAC filter (bsc#1039915).\n- i40e: set broadcast promiscuous mode for each active VLAN (bsc#1039915).\n- i40e: store MAC/VLAN filters in a hash with the MAC Address as key (bsc#1039915).\n- i40e: use (add|rm)_vlan_all_mac helper functions when changing PVID (bsc#1039915).\n- i40e: when adding or removing MAC filters, correctly handle VLANs (bsc#1039915).\n- i40e: write HENA for VFs (bsc#1039915).\n- ibmvnic: Check for transport event on driver resume (bsc#1051556, bsc#1052709).\n- ibmvnic: Clean up resources on probe failure (bsc#1058116).\n- ibmvnic: Initialize SCRQ\u0027s during login renegotiation (bsc#1052223).\n- ibmvnic: Report rx buffer return codes as netdev_dbg (bsc#1052794).\n- iio: hid-sensor: fix return of -EINVAL on invalid values in ret or value (bsc#1031717).\n- introduce the walk_process_tree() helper (bnc#1022476).\n- iommu/amd: Fix schedule-while-atomic BUG in initialization code (bsc1052533).\n- ipv4: Should use consistent conditional judgement for ip fragment in __ip_append_data and ip_finish_output (bsc#1041958).\n- ipv6: Should use consistent conditional judgement for ip6 fragment between __ip6_append_data and ip6_finish_output (bsc#1041958).\n- iwlwifi: missing error code in iwl_trans_pcie_alloc() (bsc#1031717).\n- iwlwifi: mvm: compare full command ID.\n- iwlwifi: mvm: do not send CTDP commands via debugfs if not supported (bsc#1031717).\n- iwlwifi: mvm: reset the fw_dump_desc pointer after ASSERT (bsc#1031717).\n- iwlwifi: mvm: synchronize firmware DMA paging memory.\n- iwlwifi: mvm: unconditionally stop device after init (bsc#1031717).\n- iwlwifi: mvm: unmap the paging memory before freeing it.\n- iwlwifi: pcie: fix command completion name debug (bsc#1031717).\n- kABI-fix for \u0027x86/panic: replace smp_send_stop() with kdump friendly version in panic path\u0027 (bsc#1051478).\n- kernel/*: switch to memdup_user_nul() (bsc#1048893).\n- kvm: nVMX: Fix nested_vmx_check_msr_bitmap_controls (bsc#1051478).\n- lib: test_rhashtable: Fix KASAN warning (bsc#1055359).\n- lib: test_rhashtable: fix for large entry counts (bsc#1055359).\n- libnvdimm, pmem: fix a NULL pointer BUG in nd_pmem_notify (bsc#1023175).\n- libnvdimm: fix badblock range handling of ARS range (bsc#1023175).\n- lightnvm: nvme reset_controller is not working after adapter\u0027s firmware upgrade (bsc#988784).\n- lightnvm: remove unused rq parameter of nvme_nvm_rqtocmd() to kill warning.\n- mac80211_hwsim: Replace bogus hrtimer clockid (bsc#1047651).\n- md/raid5: fix a race condition in stripe batch (linux-stable).\n- mm, madvise: ensure poisoned pages are removed from per-cpu lists (VM hw poison -- git fixes).\n- mm-adaptive-hash-table-scaling-v5 (bnc#1036303).\n- mm/page_alloc.c: apply gfp_allowed_mask before the first allocation attempt (bnc#971975 VM -- git fixes).\n- mm: adaptive hash table scaling (bnc#1036303).\n- mm: call page_ext_init() after all struct pages are initialized (VM Debugging Functionality, bsc#1047048).\n- mm: drop HASH_ADAPT (bnc#1036303).\n- mm: fix classzone_idx underflow in shrink_zones() (VM Functionality, bsc#1042314).\n- mm: make PR_SET_THP_DISABLE immediately active (bnc#1048891).\n- mptsas: Fixup device hotplug for VMWare ESXi (bsc#1030850).\n- mwifiex: do not update MCS set from hostapd (bsc#1031717).\n- net/mlx5: Fix driver load error flow when firmware is stuck (git-fixes).\n- net: account for current skb length when deciding about UFO (bsc#1041958).\n- net: ena: add hardware hints capability to the driver (bsc#1047121).\n- net: ena: add missing return when ena_com_get_io_handlers() fails (bsc#1047121).\n- net: ena: add missing unmap bars on device removal (bsc#1047121).\n- net: ena: add reset reason for each device FLR (bsc#1047121).\n- net: ena: add support for out of order rx buffers refill (bsc#1047121).\n- net: ena: allow the driver to work with small number of msix vectors (bsc#1047121).\n- net: ena: bug fix in lost tx packets detection mechanism (bsc#1047121).\n- net: ena: change return value for unsupported features unsupported return value (bsc#1047121).\n- net: ena: change sizeof() argument to be the type pointer (bsc#1047121).\n- net: ena: disable admin msix while working in polling mode (bsc#1047121).\n- net: ena: fix bug that might cause hang after consecutive open/close interface (bsc#1047121).\n- net: ena: fix race condition between submit and completion admin command (bsc#1047121).\n- net: ena: fix rare uncompleted admin command false alarm (bsc#1047121).\n- net: ena: fix theoretical Rx hang on low memory systems (bsc#1047121).\n- net: ena: separate skb allocation to dedicated function (bsc#1047121).\n- net: ena: update driver\u0027s rx drop statistics (bsc#1047121).\n- net: ena: update ena driver to version 1.1.7 (bsc#1047121).\n- net: ena: update ena driver to version 1.2.0 (bsc#1047121).\n- net: ena: use lower_32_bits()/upper_32_bits() to split dma address (bsc#1047121).\n- net: ena: use napi_schedule_irqoff when possible (bsc#1047121).\n- net: handle NAPI_GRO_FREE_STOLEN_HEAD case also in napi_frags_finish() (bsc#1042286).\n- net: phy: Do not perform software reset for Generic PHY (bsc#1042286).\n- netfilter: fix IS_ERR_VALUE usage (bsc#1052888).\n- netfilter: x_tables: pack percpu counter allocations (bsc#1052888).\n- netfilter: x_tables: pass xt_counters struct instead of packet counter (bsc#1052888).\n- netfilter: x_tables: pass xt_counters struct to counter allocator (bsc#1052888).\n- new helper: memdup_user_nul() (bsc#1048893).\n- ocfs2: Do not clear SGID when inheriting ACLs (bsc#1030552).\n- ocfs2: Make ocfs2_set_acl() static (bsc#1030552).\n- ocfs2: fix deadlock caused by recursive locking in xattr (bsc#1012829).\n- of: fix \u0027/cpus\u0027 reference leak in of_numa_parse_cpu_nodes() (bsc#1056827).\n- ovl: fix dentry leak for default_permissions (bsc#1054084).\n- percpu_ref: allow operation mode switching operations to be called concurrently (bsc#1055096).\n- percpu_ref: remove unnecessary RCU grace period for staggered atomic switching confirmation (bsc#1055096).\n- percpu_ref: reorganize __percpu_ref_switch_to_atomic() and relocate percpu_ref_switch_to_atomic() (bsc#1055096).\n- percpu_ref: restructure operation mode switching (bsc#1055096).\n- percpu_ref: unify staggered atomic switching wait behavior (bsc#1055096).\n- perf/x86/intel: Cure bogus unwind from PEBS entries (bsc#1051478).\n- perf/x86/intel: Fix PEBSv3 record drain (bsc#1051478).\n- perf/x86: Fix spurious NMI with PEBS Load Latency event (bsc#1051478).\n- platform/x86: ideapad-laptop: Add IdeaPad 310-15IKB to no_hw_rfkill (bsc#1051022).\n- platform/x86: ideapad-laptop: Add IdeaPad V310-15ISK to no_hw_rfkill (bsc#1051022).\n- platform/x86: ideapad-laptop: Add IdeaPad V510-15IKB to no_hw_rfkill (bsc#1051022).\n- platform/x86: ideapad-laptop: Add Lenovo Yoga 910-13IKB to no_hw_rfkill dmi list (bsc#1051022).\n- platform/x86: ideapad-laptop: Add Y520-15IKBN to no_hw_rfkill (bsc#1051022).\n- platform/x86: ideapad-laptop: Add Y700 15-ACZ to no_hw_rfkill DMI list (bsc#1051022).\n- platform/x86: ideapad-laptop: Add Y720-15IKBN to no_hw_rfkill (bsc#1051022).\n- platform/x86: ideapad-laptop: Add several models to no_hw_rfkill (bsc#1051022).\n- prctl: propagate has_child_subreaper flag to every descendant (bnc#1022476).\n- qeth: fix L3 next-hop im xmit qeth hdr (bnc#1052773, LTC#157374).\n- reiserfs: Do not clear SGID when inheriting ACLs (bsc#1030552).\n- rpm/kernel-binary.spec.in: find-debuginfo.sh should not touch build-id This needs rpm-4.14+ (bsc#964063).\n- rtnetlink: fix rtnl_vfinfo_size (bsc#1056261).\n- s390: export symbols for crash-kmp (bsc#1053915).\n- sched/core: Allow __sched_setscheduler() in interrupts when PI is not used (bnc#1022476).\n- sched/debug: Print the scheduler topology group mask (bnc#1022476).\n- sched/fair, cpumask: Export for_each_cpu_wrap() (bnc#1022476).\n- sched/fair: Fix O(nr_cgroups) in load balance path (bnc#1022476).\n- sched/fair: Use task_groups instead of leaf_cfs_rq_list to walk all cfs_rqs (bnc#1022476).\n- sched/topology: Add sched_group_capacity debugging (bnc#1022476).\n- sched/topology: Fix building of overlapping sched-groups (bnc#1022476).\n- sched/topology: Fix overlapping sched_group_capacity (bnc#1022476).\n- sched/topology: Move comment about asymmetric node setups (bnc#1022476).\n- sched/topology: Refactor function build_overlap_sched_groups() (bnc#1022476).\n- sched/topology: Remove FORCE_SD_OVERLAP (bnc#1022476).\n- sched/topology: Simplify build_overlap_sched_groups() (bnc#1022476).\n- sched/topology: Small cleanup (bnc#1022476).\n- sched/topology: Verify the first group matches the child domain (bnc#1022476).\n- scsi: Add STARGET_CREATE_REMOVE state to scsi_target_state (bsc#1013887).\n- scsi: bnx2i: missing error code in bnx2i_ep_connect() (bsc#1048221).\n- scsi: kABI fix for new state STARGET_CREATED_REMOVE (bsc#1013887).\n- scsi: storvsc: Workaround for virtual DVD SCSI version (bnc#1044636).\n- scsi_devinfo: fixup string compare (bsc#1037404).\n- scsi_dh_alua: suppress errors from unsupported devices (bsc#1038792).\n- smsc75xx: use skb_cow_head() to deal with cloned skbs (bsc#1045154).\n- sr9700: use skb_cow_head() to deal with cloned skbs (bsc#1045154).\n- supported.conf: clear mistaken external support flag for cifs.ko (bsc#1053802).\n- sysctl: do not print negative flag for proc_douintvec (bnc#1046985).\n- sysctl: fix lax sysctl_check_table() sanity check (bsc#1048893).\n- sysctl: fold sysctl_writes_strict checks into helper (bsc#1048893).\n- sysctl: kdoc\u0027ify sysctl_writes_strict (bsc#1048893).\n- sysctl: simplify unsigned int support (bsc#1048893).\n- timers: Plug locking race vs. timer migration (bnc#1022476).\n- tpm: Issue a TPM2_Shutdown for TPM2 devices (bsc#1053117).\n- tpm: KABI fix (bsc#1053117).\n- tpm: fix: return rc when devm_add_action() fails (bsc#1020645, bsc#1034048).\n- tpm: read burstcount from TPM_STS in one 32-bit transaction (bsc#1020645, bsc#1034048).\n- tpm_tis_core: Choose appropriate timeout for reading burstcount (bsc#1020645, bsc#1034048).\n- tpm_tis_core: convert max timeouts from msec to jiffies (bsc#1020645, bsc#1034048).\n- tty: serial: msm: Support more bauds (git-fixes).\n- ubifs: Correctly evict xattr inodes (bsc#1012829).\n- ubifs: Do not leak kernel memory to the MTD (bsc#1012829).\n- udf: Fix deadlock between writeback and udf_setsize() (bsc#1012829).\n- udf: Fix races with i_size changes during readpage (bsc#1012829).\n- vfs: fix missing inode_get_dev sites (bsc#1052049).\n- x86/LDT: Print the real LDT base address (bsc#1051478).\n- x86/dmi: Switch dmi_remap() from ioremap() to ioremap_cache() (bsc#1051399).\n- x86/mce: Make timer handling more robust (bsc#1042422).\n- x86/panic: replace smp_send_stop() with kdump friendly version in panic path (bsc#1051478).\n- xen-netfront: Rework the fix for Rx stall during OOM and network stress (git-fixes).\n- xen/balloon: do not online new memory initially (bnc#1028173).\n- xen/pvh*: Support greater than 32 VCPUs at domain restore (bnc#1045563).\n- xen: allocate page for shared info page from low memory (bnc#1038616).\n- xen: hold lock_device_hotplug throughout vcpu hotplug operations (bsc#1042422).\n- xfrm: NULL dereference on allocation failure (bsc#1047343).\n- xfrm: Oops on error in pfkey_msg2xfrm_state() (bsc#1047653).\n- xfs: Do not clear SGID when inheriting ACLs (bsc#1030552).\n- xfs: do not BUG() on mixed direct and mapped I/O (bsc#1050188).\n- xfs: fix inobt inode allocation search optimization (bsc#1012829).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-RT-12-SP2-2017-1833",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2956-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2017:2956-1",
        "url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172956-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2017:2956-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2017-November/003385.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1005917",
        "url": "https://bugzilla.suse.com/1005917"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1006180",
        "url": "https://bugzilla.suse.com/1006180"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1011913",
        "url": "https://bugzilla.suse.com/1011913"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1012382",
        "url": "https://bugzilla.suse.com/1012382"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1012829",
        "url": "https://bugzilla.suse.com/1012829"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1013887",
        "url": "https://bugzilla.suse.com/1013887"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1018419",
        "url": "https://bugzilla.suse.com/1018419"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1019151",
        "url": "https://bugzilla.suse.com/1019151"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1020645",
        "url": "https://bugzilla.suse.com/1020645"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1020657",
        "url": "https://bugzilla.suse.com/1020657"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1020685",
        "url": "https://bugzilla.suse.com/1020685"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1021424",
        "url": "https://bugzilla.suse.com/1021424"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1022476",
        "url": "https://bugzilla.suse.com/1022476"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1022743",
        "url": "https://bugzilla.suse.com/1022743"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1023175",
        "url": "https://bugzilla.suse.com/1023175"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1024405",
        "url": "https://bugzilla.suse.com/1024405"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1028173",
        "url": "https://bugzilla.suse.com/1028173"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1028286",
        "url": "https://bugzilla.suse.com/1028286"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1028819",
        "url": "https://bugzilla.suse.com/1028819"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1029693",
        "url": "https://bugzilla.suse.com/1029693"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1030552",
        "url": "https://bugzilla.suse.com/1030552"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1030850",
        "url": "https://bugzilla.suse.com/1030850"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1031515",
        "url": "https://bugzilla.suse.com/1031515"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1031717",
        "url": "https://bugzilla.suse.com/1031717"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1031784",
        "url": "https://bugzilla.suse.com/1031784"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1033587",
        "url": "https://bugzilla.suse.com/1033587"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1034048",
        "url": "https://bugzilla.suse.com/1034048"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1034075",
        "url": "https://bugzilla.suse.com/1034075"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1034762",
        "url": "https://bugzilla.suse.com/1034762"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1036303",
        "url": "https://bugzilla.suse.com/1036303"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1036632",
        "url": "https://bugzilla.suse.com/1036632"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1037344",
        "url": "https://bugzilla.suse.com/1037344"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1037404",
        "url": "https://bugzilla.suse.com/1037404"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1037994",
        "url": "https://bugzilla.suse.com/1037994"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1038078",
        "url": "https://bugzilla.suse.com/1038078"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1038583",
        "url": "https://bugzilla.suse.com/1038583"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1038616",
        "url": "https://bugzilla.suse.com/1038616"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1038792",
        "url": "https://bugzilla.suse.com/1038792"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1038846",
        "url": "https://bugzilla.suse.com/1038846"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1038847",
        "url": "https://bugzilla.suse.com/1038847"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1039354",
        "url": "https://bugzilla.suse.com/1039354"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1039915",
        "url": "https://bugzilla.suse.com/1039915"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1040307",
        "url": "https://bugzilla.suse.com/1040307"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1040351",
        "url": "https://bugzilla.suse.com/1040351"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1041958",
        "url": "https://bugzilla.suse.com/1041958"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1042286",
        "url": "https://bugzilla.suse.com/1042286"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1042314",
        "url": "https://bugzilla.suse.com/1042314"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1042422",
        "url": "https://bugzilla.suse.com/1042422"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1042778",
        "url": "https://bugzilla.suse.com/1042778"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1043652",
        "url": "https://bugzilla.suse.com/1043652"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1044112",
        "url": "https://bugzilla.suse.com/1044112"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1044636",
        "url": "https://bugzilla.suse.com/1044636"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1045154",
        "url": "https://bugzilla.suse.com/1045154"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1045563",
        "url": "https://bugzilla.suse.com/1045563"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1045922",
        "url": "https://bugzilla.suse.com/1045922"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1046682",
        "url": "https://bugzilla.suse.com/1046682"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1046821",
        "url": "https://bugzilla.suse.com/1046821"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1046985",
        "url": "https://bugzilla.suse.com/1046985"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1047027",
        "url": "https://bugzilla.suse.com/1047027"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1047048",
        "url": "https://bugzilla.suse.com/1047048"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1047096",
        "url": "https://bugzilla.suse.com/1047096"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1047118",
        "url": "https://bugzilla.suse.com/1047118"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1047121",
        "url": "https://bugzilla.suse.com/1047121"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1047152",
        "url": "https://bugzilla.suse.com/1047152"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1047277",
        "url": "https://bugzilla.suse.com/1047277"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1047343",
        "url": "https://bugzilla.suse.com/1047343"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1047354",
        "url": "https://bugzilla.suse.com/1047354"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1047487",
        "url": "https://bugzilla.suse.com/1047487"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1047651",
        "url": "https://bugzilla.suse.com/1047651"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1047653",
        "url": "https://bugzilla.suse.com/1047653"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1047670",
        "url": "https://bugzilla.suse.com/1047670"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1048155",
        "url": "https://bugzilla.suse.com/1048155"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1048221",
        "url": "https://bugzilla.suse.com/1048221"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1048317",
        "url": "https://bugzilla.suse.com/1048317"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1048891",
        "url": "https://bugzilla.suse.com/1048891"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1048893",
        "url": "https://bugzilla.suse.com/1048893"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1048914",
        "url": "https://bugzilla.suse.com/1048914"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1048934",
        "url": "https://bugzilla.suse.com/1048934"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1049226",
        "url": "https://bugzilla.suse.com/1049226"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1049483",
        "url": "https://bugzilla.suse.com/1049483"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1049486",
        "url": "https://bugzilla.suse.com/1049486"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1049580",
        "url": "https://bugzilla.suse.com/1049580"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1049603",
        "url": "https://bugzilla.suse.com/1049603"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1049645",
        "url": "https://bugzilla.suse.com/1049645"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1049882",
        "url": "https://bugzilla.suse.com/1049882"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1050061",
        "url": "https://bugzilla.suse.com/1050061"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1050188",
        "url": "https://bugzilla.suse.com/1050188"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1051022",
        "url": "https://bugzilla.suse.com/1051022"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1051059",
        "url": "https://bugzilla.suse.com/1051059"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1051239",
        "url": "https://bugzilla.suse.com/1051239"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1051399",
        "url": "https://bugzilla.suse.com/1051399"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1051478",
        "url": "https://bugzilla.suse.com/1051478"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1051479",
        "url": "https://bugzilla.suse.com/1051479"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1051556",
        "url": "https://bugzilla.suse.com/1051556"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1051663",
        "url": "https://bugzilla.suse.com/1051663"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1051790",
        "url": "https://bugzilla.suse.com/1051790"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1052049",
        "url": "https://bugzilla.suse.com/1052049"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1052223",
        "url": "https://bugzilla.suse.com/1052223"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1052311",
        "url": "https://bugzilla.suse.com/1052311"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1052365",
        "url": "https://bugzilla.suse.com/1052365"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1052533",
        "url": "https://bugzilla.suse.com/1052533"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1052580",
        "url": "https://bugzilla.suse.com/1052580"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1052709",
        "url": "https://bugzilla.suse.com/1052709"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1052773",
        "url": "https://bugzilla.suse.com/1052773"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1052794",
        "url": "https://bugzilla.suse.com/1052794"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1052888",
        "url": "https://bugzilla.suse.com/1052888"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1053117",
        "url": "https://bugzilla.suse.com/1053117"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1053802",
        "url": "https://bugzilla.suse.com/1053802"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1053915",
        "url": "https://bugzilla.suse.com/1053915"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1054084",
        "url": "https://bugzilla.suse.com/1054084"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1055013",
        "url": "https://bugzilla.suse.com/1055013"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1055096",
        "url": "https://bugzilla.suse.com/1055096"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1055359",
        "url": "https://bugzilla.suse.com/1055359"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1056261",
        "url": "https://bugzilla.suse.com/1056261"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1056588",
        "url": "https://bugzilla.suse.com/1056588"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1056827",
        "url": "https://bugzilla.suse.com/1056827"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1056982",
        "url": "https://bugzilla.suse.com/1056982"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1057015",
        "url": "https://bugzilla.suse.com/1057015"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1057389",
        "url": "https://bugzilla.suse.com/1057389"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1058038",
        "url": "https://bugzilla.suse.com/1058038"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1058116",
        "url": "https://bugzilla.suse.com/1058116"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1058507",
        "url": "https://bugzilla.suse.com/1058507"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 963619",
        "url": "https://bugzilla.suse.com/963619"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 964063",
        "url": "https://bugzilla.suse.com/964063"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 964944",
        "url": "https://bugzilla.suse.com/964944"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 971975",
        "url": "https://bugzilla.suse.com/971975"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 974215",
        "url": "https://bugzilla.suse.com/974215"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 981309",
        "url": "https://bugzilla.suse.com/981309"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 988784",
        "url": "https://bugzilla.suse.com/988784"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 993890",
        "url": "https://bugzilla.suse.com/993890"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-1000111 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-1000111/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-1000112 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-1000112/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-1000251 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-1000251/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-1000252 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-1000252/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-1000365 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-1000365/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-10810 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-10810/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-11472 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-11472/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-11473 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-11473/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-12134 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-12134/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-12154 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-12154/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-14051 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-14051/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-14106 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-14106/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7518 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7518/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7533 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7533/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7541 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7541/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-7542 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-7542/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2017-8831 page",
        "url": "https://www.suse.com/security/cve/CVE-2017-8831/"
      }
    ],
    "title": "Security update for the Linux Kernel",
    "tracking": {
      "current_release_date": "2017-11-08T15:02:59Z",
      "generator": {
        "date": "2017-11-08T15:02:59Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2017:2956-1",
      "initial_release_date": "2017-11-08T15:02:59Z",
      "revision_history": [
        {
          "date": "2017-11-08T15:02:59Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-devel-rt-4.4.88-18.1.noarch",
                "product": {
                  "name": "kernel-devel-rt-4.4.88-18.1.noarch",
                  "product_id": "kernel-devel-rt-4.4.88-18.1.noarch"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-source-rt-4.4.88-18.1.noarch",
                "product": {
                  "name": "kernel-source-rt-4.4.88-18.1.noarch",
                  "product_id": "kernel-source-rt-4.4.88-18.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "cluster-md-kmp-rt-4.4.88-18.1.x86_64",
                "product": {
                  "name": "cluster-md-kmp-rt-4.4.88-18.1.x86_64",
                  "product_id": "cluster-md-kmp-rt-4.4.88-18.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "cluster-network-kmp-rt-4.4.88-18.1.x86_64",
                "product": {
                  "name": "cluster-network-kmp-rt-4.4.88-18.1.x86_64",
                  "product_id": "cluster-network-kmp-rt-4.4.88-18.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "dlm-kmp-rt-4.4.88-18.1.x86_64",
                "product": {
                  "name": "dlm-kmp-rt-4.4.88-18.1.x86_64",
                  "product_id": "dlm-kmp-rt-4.4.88-18.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "gfs2-kmp-rt-4.4.88-18.1.x86_64",
                "product": {
                  "name": "gfs2-kmp-rt-4.4.88-18.1.x86_64",
                  "product_id": "gfs2-kmp-rt-4.4.88-18.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-4.4.88-18.1.x86_64",
                "product": {
                  "name": "kernel-rt-4.4.88-18.1.x86_64",
                  "product_id": "kernel-rt-4.4.88-18.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-base-4.4.88-18.1.x86_64",
                "product": {
                  "name": "kernel-rt-base-4.4.88-18.1.x86_64",
                  "product_id": "kernel-rt-base-4.4.88-18.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt-devel-4.4.88-18.1.x86_64",
                "product": {
                  "name": "kernel-rt-devel-4.4.88-18.1.x86_64",
                  "product_id": "kernel-rt-devel-4.4.88-18.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-rt_debug-devel-4.4.88-18.1.x86_64",
                "product": {
                  "name": "kernel-rt_debug-devel-4.4.88-18.1.x86_64",
                  "product_id": "kernel-rt_debug-devel-4.4.88-18.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "kernel-syms-rt-4.4.88-18.1.x86_64",
                "product": {
                  "name": "kernel-syms-rt-4.4.88-18.1.x86_64",
                  "product_id": "kernel-syms-rt-4.4.88-18.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "ocfs2-kmp-rt-4.4.88-18.1.x86_64",
                "product": {
                  "name": "ocfs2-kmp-rt-4.4.88-18.1.x86_64",
                  "product_id": "ocfs2-kmp-rt-4.4.88-18.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Real Time 12 SP2",
                "product": {
                  "name": "SUSE Linux Enterprise Real Time 12 SP2",
                  "product_id": "SUSE Linux Enterprise Real Time 12 SP2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:suse-linux-enterprise-rt:12:sp2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-md-kmp-rt-4.4.88-18.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2",
          "product_id": "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64"
        },
        "product_reference": "cluster-md-kmp-rt-4.4.88-18.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cluster-network-kmp-rt-4.4.88-18.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2",
          "product_id": "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64"
        },
        "product_reference": "cluster-network-kmp-rt-4.4.88-18.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "dlm-kmp-rt-4.4.88-18.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2",
          "product_id": "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64"
        },
        "product_reference": "dlm-kmp-rt-4.4.88-18.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "gfs2-kmp-rt-4.4.88-18.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2",
          "product_id": "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64"
        },
        "product_reference": "gfs2-kmp-rt-4.4.88-18.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-devel-rt-4.4.88-18.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP2",
          "product_id": "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch"
        },
        "product_reference": "kernel-devel-rt-4.4.88-18.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-4.4.88-18.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2",
          "product_id": "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64"
        },
        "product_reference": "kernel-rt-4.4.88-18.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-base-4.4.88-18.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2",
          "product_id": "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64"
        },
        "product_reference": "kernel-rt-base-4.4.88-18.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt-devel-4.4.88-18.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2",
          "product_id": "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64"
        },
        "product_reference": "kernel-rt-devel-4.4.88-18.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-rt_debug-devel-4.4.88-18.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2",
          "product_id": "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64"
        },
        "product_reference": "kernel-rt_debug-devel-4.4.88-18.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-source-rt-4.4.88-18.1.noarch as component of SUSE Linux Enterprise Real Time 12 SP2",
          "product_id": "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch"
        },
        "product_reference": "kernel-source-rt-4.4.88-18.1.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-syms-rt-4.4.88-18.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2",
          "product_id": "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64"
        },
        "product_reference": "kernel-syms-rt-4.4.88-18.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "ocfs2-kmp-rt-4.4.88-18.1.x86_64 as component of SUSE Linux Enterprise Real Time 12 SP2",
          "product_id": "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
        },
        "product_reference": "ocfs2-kmp-rt-4.4.88-18.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Real Time 12 SP2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2017-1000111",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-1000111"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solution is similar: lock the socket for the update. This issue may be exploitable, we did not investigate further. As this issue affects PF_PACKET sockets, it requires CAP_NET_RAW in the process namespace. But note that with user namespaces enabled, any process can create a namespace in which it has CAP_NET_RAW.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-1000111",
          "url": "https://www.suse.com/security/cve/CVE-2017-1000111"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052365 for CVE-2017-1000111",
          "url": "https://bugzilla.suse.com/1052365"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052367 for CVE-2017-1000111",
          "url": "https://bugzilla.suse.com/1052367"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-08T15:02:59Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-1000111"
    },
    {
      "cve": "CVE-2017-1000112",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-1000112"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Linux kernel: Exploitable memory corruption due to UFO to non-UFO path switch. When building a UFO packet with MSG_MORE __ip_append_data() calls ip_ufo_append_data() to append. However in between two send() calls, the append path can be switched from UFO to non-UFO one, which leads to a memory corruption. In case UFO packet lengths exceeds MTU, copy = maxfraglen - skb-\u003elen becomes negative on the non-UFO path and the branch to allocate new skb is taken. This triggers fragmentation and computation of fraggap = skb_prev-\u003elen - maxfraglen. Fraggap can exceed MTU, causing copy = datalen - transhdrlen - fraggap to become negative. Subsequently skb_copy_and_csum_bits() writes out-of-bounds. A similar issue is present in IPv6 code. The bug was introduced in e89e9cf539a2 (\"[IPv4/IPv6]: UFO Scatter-gather approach\") on Oct 18 2005.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-1000112",
          "url": "https://www.suse.com/security/cve/CVE-2017-1000112"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052311 for CVE-2017-1000112",
          "url": "https://bugzilla.suse.com/1052311"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052365 for CVE-2017-1000112",
          "url": "https://bugzilla.suse.com/1052365"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1052368 for CVE-2017-1000112",
          "url": "https://bugzilla.suse.com/1052368"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1072117 for CVE-2017-1000112",
          "url": "https://bugzilla.suse.com/1072117"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1072162 for CVE-2017-1000112",
          "url": "https://bugzilla.suse.com/1072162"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-1000112",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-08T15:02:59Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-1000112"
    },
    {
      "cve": "CVE-2017-1000251",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-1000251"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The native Bluetooth stack in the Linux Kernel (BlueZ), starting at the Linux kernel version 2.6.32 and up to and including 4.13.1, are vulnerable to a stack overflow vulnerability in the processing of L2CAP configuration responses resulting in Remote code execution in kernel space.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-1000251",
          "url": "https://www.suse.com/security/cve/CVE-2017-1000251"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1057389 for CVE-2017-1000251",
          "url": "https://bugzilla.suse.com/1057389"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1057950 for CVE-2017-1000251",
          "url": "https://bugzilla.suse.com/1057950"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1070535 for CVE-2017-1000251",
          "url": "https://bugzilla.suse.com/1070535"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1072117 for CVE-2017-1000251",
          "url": "https://bugzilla.suse.com/1072117"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1072162 for CVE-2017-1000251",
          "url": "https://bugzilla.suse.com/1072162"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1120758 for CVE-2017-1000251",
          "url": "https://bugzilla.suse.com/1120758"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-08T15:02:59Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-1000251"
    },
    {
      "cve": "CVE-2017-1000252",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-1000252"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The KVM subsystem in the Linux kernel through 4.13.3 allows guest OS users to cause a denial of service (assertion failure, and hypervisor hang or crash) via an out-of bounds guest_irq value, related to arch/x86/kvm/vmx.c and virt/kvm/eventfd.c.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-1000252",
          "url": "https://www.suse.com/security/cve/CVE-2017-1000252"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1058038 for CVE-2017-1000252",
          "url": "https://bugzilla.suse.com/1058038"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-08T15:02:59Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-1000252"
    },
    {
      "cve": "CVE-2017-1000365",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-1000365"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel versions 4.11.5 and earlier. It appears that this feature was introduced in the Linux Kernel version 2.6.23.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-1000365",
          "url": "https://www.suse.com/security/cve/CVE-2017-1000365"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1037551 for CVE-2017-1000365",
          "url": "https://bugzilla.suse.com/1037551"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039346 for CVE-2017-1000365",
          "url": "https://bugzilla.suse.com/1039346"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039349 for CVE-2017-1000365",
          "url": "https://bugzilla.suse.com/1039349"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1039354 for CVE-2017-1000365",
          "url": "https://bugzilla.suse.com/1039354"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1054557 for CVE-2017-1000365",
          "url": "https://bugzilla.suse.com/1054557"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1077345 for CVE-2017-1000365",
          "url": "https://bugzilla.suse.com/1077345"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.9,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-08T15:02:59Z",
          "details": "low"
        }
      ],
      "title": "CVE-2017-1000365"
    },
    {
      "cve": "CVE-2017-10810",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-10810"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory leak in the virtio_gpu_object_create function in drivers/gpu/drm/virtio/virtgpu_object.c in the Linux kernel through 4.11.8 allows attackers to cause a denial of service (memory consumption) by triggering object-initialization failures.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-10810",
          "url": "https://www.suse.com/security/cve/CVE-2017-10810"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1047277 for CVE-2017-10810",
          "url": "https://bugzilla.suse.com/1047277"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-08T15:02:59Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-10810"
    },
    {
      "cve": "CVE-2017-11472",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-11472"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The acpi_ns_terminate() function in drivers/acpi/acpica/nsutils.c in the Linux kernel before 4.12 does not flush the operand cache and causes a kernel stack dump, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection mechanism (in the kernel through 4.9) via a crafted ACPI table.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-11472",
          "url": "https://www.suse.com/security/cve/CVE-2017-11472"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1049580 for CVE-2017-11472",
          "url": "https://bugzilla.suse.com/1049580"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1087082 for CVE-2017-11472",
          "url": "https://bugzilla.suse.com/1087082"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 2.9,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-08T15:02:59Z",
          "details": "low"
        }
      ],
      "title": "CVE-2017-11472"
    },
    {
      "cve": "CVE-2017-11473",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-11473"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 3.2 allows local users to gain privileges via a crafted ACPI table.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-11473",
          "url": "https://www.suse.com/security/cve/CVE-2017-11473"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1049603 for CVE-2017-11473",
          "url": "https://bugzilla.suse.com/1049603"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1061680 for CVE-2017-11473",
          "url": "https://bugzilla.suse.com/1061680"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1087082 for CVE-2017-11473",
          "url": "https://bugzilla.suse.com/1087082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-11473",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-08T15:02:59Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-11473"
    },
    {
      "cve": "CVE-2017-12134",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-12134"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability calculation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-12134",
          "url": "https://www.suse.com/security/cve/CVE-2017-12134"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1051790 for CVE-2017-12134",
          "url": "https://bugzilla.suse.com/1051790"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1053919 for CVE-2017-12134",
          "url": "https://bugzilla.suse.com/1053919"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-08T15:02:59Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-12134"
    },
    {
      "cve": "CVE-2017-12154",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-12154"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the \"CR8-load exiting\" and \"CR8-store exiting\" L0 vmcs02 controls exist in cases where L1 omits the \"use TPR shadow\" vmcs12 control, which allows KVM L2 guest OS users to obtain read and write access to the hardware CR8 register.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-12154",
          "url": "https://www.suse.com/security/cve/CVE-2017-12154"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1058038 for CVE-2017-12154",
          "url": "https://bugzilla.suse.com/1058038"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1058507 for CVE-2017-12154",
          "url": "https://bugzilla.suse.com/1058507"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-08T15:02:59Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-12154"
    },
    {
      "cve": "CVE-2017-14051",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-14051"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory corruption and system crash) by leveraging root access.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-14051",
          "url": "https://www.suse.com/security/cve/CVE-2017-14051"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1056588 for CVE-2017-14051",
          "url": "https://bugzilla.suse.com/1056588"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-08T15:02:59Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-14051"
    },
    {
      "cve": "CVE-2017-14106",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-14106"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-14106",
          "url": "https://www.suse.com/security/cve/CVE-2017-14106"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1056982 for CVE-2017-14106",
          "url": "https://bugzilla.suse.com/1056982"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-08T15:02:59Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-14106"
    },
    {
      "cve": "CVE-2017-7518",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7518"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7518",
          "url": "https://www.suse.com/security/cve/CVE-2017-7518"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1045922 for CVE-2017-7518",
          "url": "https://bugzilla.suse.com/1045922"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1087082 for CVE-2017-7518",
          "url": "https://bugzilla.suse.com/1087082"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-08T15:02:59Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-7518"
    },
    {
      "cve": "CVE-2017-7533",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7533"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Race condition in the fsnotify implementation in the Linux kernel through 4.12.4 allows local users to gain privileges or cause a denial of service (memory corruption) via a crafted application that leverages simultaneous execution of the inotify_handle_event and vfs_rename functions.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7533",
          "url": "https://www.suse.com/security/cve/CVE-2017-7533"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1049483 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1049483"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1050677 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1050677"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1050751 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1050751"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1053919 for CVE-2017-7533",
          "url": "https://bugzilla.suse.com/1053919"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-08T15:02:59Z",
          "details": "important"
        }
      ],
      "title": "CVE-2017-7533"
    },
    {
      "cve": "CVE-2017-7541",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7541"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7541",
          "url": "https://www.suse.com/security/cve/CVE-2017-7541"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1049645 for CVE-2017-7541",
          "url": "https://bugzilla.suse.com/1049645"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-08T15:02:59Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-7541"
    },
    {
      "cve": "CVE-2017-7542",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-7542"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-7542",
          "url": "https://www.suse.com/security/cve/CVE-2017-7542"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1049882 for CVE-2017-7542",
          "url": "https://bugzilla.suse.com/1049882"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1061936 for CVE-2017-7542",
          "url": "https://bugzilla.suse.com/1061936"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-08T15:02:59Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-7542"
    },
    {
      "cve": "CVE-2017-8831",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2017-8831"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a \"double fetch\" vulnerability.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
          "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
          "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2017-8831",
          "url": "https://www.suse.com/security/cve/CVE-2017-8831"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1037994 for CVE-2017-8831",
          "url": "https://bugzilla.suse.com/1037994"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1061936 for CVE-2017-8831",
          "url": "https://bugzilla.suse.com/1061936"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1087082 for CVE-2017-8831",
          "url": "https://bugzilla.suse.com/1087082"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1115893 for CVE-2017-8831",
          "url": "https://bugzilla.suse.com/1115893"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-md-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:cluster-network-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:dlm-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:gfs2-kmp-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-devel-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-base-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-rt_debug-devel-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-source-rt-4.4.88-18.1.noarch",
            "SUSE Linux Enterprise Real Time 12 SP2:kernel-syms-rt-4.4.88-18.1.x86_64",
            "SUSE Linux Enterprise Real Time 12 SP2:ocfs2-kmp-rt-4.4.88-18.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2017-11-08T15:02:59Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2017-8831"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-7518 (GCVE-0-2017-7518)

SUSE-SU-2017:2920-1

SUSE-SU-2017:2956-1

Tags

Sightings

Nomenclature