Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-8106 (GCVE-0-2017-8106)
Vulnerability from cvelistv5 – Published: 2017-04-24 23:00 – Updated: 2024-09-16 23:41
VLAI?
EPSS
Summary
The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:27:22.210Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.kernel.org/show_bug.cgi?id=195167"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://launchpad.net/bugs/1678676"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-04-24T23:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.kernel.org/show_bug.cgi?id=195167"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://launchpad.net/bugs/1678676"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-8106",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.kernel.org/show_bug.cgi?id=195167",
"refsource": "MISC",
"url": "https://bugzilla.kernel.org/show_bug.cgi?id=195167"
},
{
"name": "https://launchpad.net/bugs/1678676",
"refsource": "MISC",
"url": "https://launchpad.net/bugs/1678676"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-8106",
"datePublished": "2017-04-24T23:00:00.000Z",
"dateReserved": "2017-04-24T00:00:00.000Z",
"dateUpdated": "2024-09-16T23:41:42.454Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B291154A-4B91-4A0E-AAAE-716A8BB7BF99\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D835FBA1-49DE-4184-BEC8-7ED2B3F7B0BB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"080BD3C9-0606-4D9A-B7AE-3DF9F75B8FF6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CCDF0F11-3DB4-41F6-B6D3-383857884258\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2FB1772A-F4AA-4AB8-9FC9-10993A6A5B46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4DB5B4D7-C79C-448E-B0D4-A6A9C440F49C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7C9A32A2-C1EC-4463-B21F-79E6592C5339\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DD8683B9-63EF-43D0-8E4F-2909429B47E6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"91F6A187-E8B1-47CF-B375-FB453F8000F2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"97A4332E-E1D4-4B6E-B9FE-B33CCF083402\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1949D7D6-7DD2-458B-89D3-B0090C8E9984\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BA23201B-8DC1-4694-8DD9-661BC78F152A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.12:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FDDB83D1-8A25-495E-BC27-0E2059255DEB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5BF8D075-08F5-4CF4-8416-9963CA6B04D3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.14:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1E4ED579-E7D9-434A-A357-3D9056784227\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"79E9D537-1F1A-462B-A6D6-2DC4FF07A843\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.16:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1B2AEF20-1F50-497D-AD1E-AC0ED7699DDE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.17:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"93A7B9D2-EF81-4952-AD6F-C5870331F17E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.18:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1BACD07E-51D7-4081-89E0-276FE3ADCEAE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.19:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D46AEA84-FDC3-41A3-9F63-D38290C9862F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.20:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"54C401E0-6258-4F25-82CF-B81B7624C509\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.21:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0810E4B6-1510-46A6-9519-127E226BDE01\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B7BA4A7A-FF32-4763-8278-08C2DEBAA05A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.23:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5B3E44C3-41FC-41A1-9ACF-1DD00DE06CFC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.24:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"860169C6-3AF9-4F00-869C-DE0DE289DF91\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.25:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"51398597-A993-496F-84E4-993B74AC0508\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.26:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B9879AED-F53E-47D7-ACA1-E61EBF3133EB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.27:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"048698BF-3B0C-449C-9D2A-81B5CAB4A27F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.28:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D4EED7A3-B40C-4C02-80B7-1836A3C4C2A7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4B72AFA7-C594-4BCF-BB79-F3EE675766A7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.30:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5195ED19-4482-435C-9224-20B0EDF6F114\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.31:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D6AC043B-EACB-406C-B4D0-7B22CF8B0EEB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.32:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FEA5C700-05F9-4077-ACE6-8A7EE033B464\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.33:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BE74D9A2-DCD6-4E14-B061-972EB7CF1EE5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.34:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E50006B4-3AB0-4FF2-9111-F0E1191D243C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.35:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B654475F-4C5F-485E-BB77-CFEF6D214C75\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.36:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2A4304FA-0868-4A81-B6E4-FBDF84B153AB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.37:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2100C16C-437E-4EEC-BD04-D75CF3D02333\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.38:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4EF474B9-2740-498C-909B-DBFD3FDC23CC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.39:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"88F0A015-6CF7-4528-9CF9-E0E76CB3E1D8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.40:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"09723483-B241-4D82-862C-AA0098F680CB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.41:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A084853B-91CB-4964-A498-9B4208152138\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.42:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A19BA782-DCFB-48B6-973C-3AD050ED51F3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.43:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F87E856E-AD83-4EBF-BD06-4736B9116083\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.44:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"04D914E1-7229-4642-BDC9-5A8261E03538\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.45:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFDC2E5D-EF73-4DED-8E4C-8309BA53A092\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.46:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9406CC5F-6D28-4836-BDD4-A50674F1333D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.47:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"124ADC63-CDA6-4A27-A844-4F33DB6A4031\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.48:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"40FD9974-27BC-4DE4-9CB0-FC2D0CAA1D46\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.49:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"72559629-4BB1-4651-BEF7-B6E74683C401\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.50:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8648EF03-5B27-40BD-90A0-59DC8120440B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.51:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8C26111E-EF43-4CFA-977E-6658A7B62C27\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.52:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"06A8E46E-7CAB-49E2-A1DD-F146FBBBA19E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.53:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7799F2BF-9C85-444A-970A-6F245463425F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.54:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"91854A06-32BC-4C9F-AA63-BA32F2B385DE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.55:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"33509600-67E3-4C78-B0C4-4D62D70FCD94\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.56:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"10237625-21BB-43A0-A7A2-EE662703391E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.57:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"11E6E8FD-CAA5-4A93-ABD5-815B51D7DE9F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.58:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C3B5CB0-C094-471A-A6D5-2FBC91384FDC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.12.59:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B77FCA1E-99B4-4D10-9A59-65FE265C9DBA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"50513044-C297-4D5E-BD45-6FD603A29F25\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.14.67:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E4CB47E3-1DF7-4FB1-A436-F7648C8F0EEC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.14.68:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F48C8632-E8C5-4907-AEDC-1B33D8A5AF04\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:3.15:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F5827B65-9941-4927-8D47-57229EEA290F\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer.\"}, {\"lang\": \"es\", \"value\": \"La funci\\u00f3n handle_invept de arch/x86/kvm/vmx.c del Kernel de Linux, versiones 3.12 a 3.15, permite a los usuarios privilegiados del sistema operativo hu\\u00e9sped de KVM causar una denegaci\\u00f3n de servicio (referencia a puntero nulo y ca\\u00edda del sistema operativo anfitri\\u00f3n) a trav\\u00e9s de una instrucci\\u00f3n single-context INVEPT con puntero EPT nulo.\"}]",
"id": "CVE-2017-8106",
"lastModified": "2024-11-21T03:33:20.220",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 4.9, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.9, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2017-04-24T23:59:00.753",
"references": "[{\"url\": \"https://bugzilla.kernel.org/show_bug.cgi?id=195167\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://launchpad.net/bugs/1678676\", \"source\": \"cve@mitre.org\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://bugzilla.kernel.org/show_bug.cgi?id=195167\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}, {\"url\": \"https://launchpad.net/bugs/1678676\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-476\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2017-8106\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-04-24T23:59:00.753\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n handle_invept de arch/x86/kvm/vmx.c del Kernel de Linux, versiones 3.12 a 3.15, permite a los usuarios privilegiados del sistema operativo hu\u00e9sped de KVM causar una denegaci\u00f3n de servicio (referencia a puntero nulo y ca\u00edda del sistema operativo anfitri\u00f3n) a trav\u00e9s de una instrucci\u00f3n single-context INVEPT con puntero EPT nulo.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":4.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-476\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B291154A-4B91-4A0E-AAAE-716A8BB7BF99\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D835FBA1-49DE-4184-BEC8-7ED2B3F7B0BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"080BD3C9-0606-4D9A-B7AE-3DF9F75B8FF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCDF0F11-3DB4-41F6-B6D3-383857884258\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2FB1772A-F4AA-4AB8-9FC9-10993A6A5B46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4DB5B4D7-C79C-448E-B0D4-A6A9C440F49C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C9A32A2-C1EC-4463-B21F-79E6592C5339\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD8683B9-63EF-43D0-8E4F-2909429B47E6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91F6A187-E8B1-47CF-B375-FB453F8000F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97A4332E-E1D4-4B6E-B9FE-B33CCF083402\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1949D7D6-7DD2-458B-89D3-B0090C8E9984\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA23201B-8DC1-4694-8DD9-661BC78F152A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDDB83D1-8A25-495E-BC27-0E2059255DEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BF8D075-08F5-4CF4-8416-9963CA6B04D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E4ED579-E7D9-434A-A357-3D9056784227\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"79E9D537-1F1A-462B-A6D6-2DC4FF07A843\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1B2AEF20-1F50-497D-AD1E-AC0ED7699DDE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93A7B9D2-EF81-4952-AD6F-C5870331F17E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1BACD07E-51D7-4081-89E0-276FE3ADCEAE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D46AEA84-FDC3-41A3-9F63-D38290C9862F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54C401E0-6258-4F25-82CF-B81B7624C509\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0810E4B6-1510-46A6-9519-127E226BDE01\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B7BA4A7A-FF32-4763-8278-08C2DEBAA05A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B3E44C3-41FC-41A1-9ACF-1DD00DE06CFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"860169C6-3AF9-4F00-869C-DE0DE289DF91\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51398597-A993-496F-84E4-993B74AC0508\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9879AED-F53E-47D7-ACA1-E61EBF3133EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"048698BF-3B0C-449C-9D2A-81B5CAB4A27F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4EED7A3-B40C-4C02-80B7-1836A3C4C2A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B72AFA7-C594-4BCF-BB79-F3EE675766A7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5195ED19-4482-435C-9224-20B0EDF6F114\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6AC043B-EACB-406C-B4D0-7B22CF8B0EEB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FEA5C700-05F9-4077-ACE6-8A7EE033B464\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BE74D9A2-DCD6-4E14-B061-972EB7CF1EE5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E50006B4-3AB0-4FF2-9111-F0E1191D243C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B654475F-4C5F-485E-BB77-CFEF6D214C75\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2A4304FA-0868-4A81-B6E4-FBDF84B153AB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2100C16C-437E-4EEC-BD04-D75CF3D02333\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4EF474B9-2740-498C-909B-DBFD3FDC23CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"88F0A015-6CF7-4528-9CF9-E0E76CB3E1D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09723483-B241-4D82-862C-AA0098F680CB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.41:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A084853B-91CB-4964-A498-9B4208152138\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.42:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A19BA782-DCFB-48B6-973C-3AD050ED51F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.43:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F87E856E-AD83-4EBF-BD06-4736B9116083\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.44:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04D914E1-7229-4642-BDC9-5A8261E03538\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.45:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFDC2E5D-EF73-4DED-8E4C-8309BA53A092\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.46:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9406CC5F-6D28-4836-BDD4-A50674F1333D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.47:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"124ADC63-CDA6-4A27-A844-4F33DB6A4031\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.48:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"40FD9974-27BC-4DE4-9CB0-FC2D0CAA1D46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.49:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72559629-4BB1-4651-BEF7-B6E74683C401\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.50:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8648EF03-5B27-40BD-90A0-59DC8120440B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.51:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C26111E-EF43-4CFA-977E-6658A7B62C27\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.52:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06A8E46E-7CAB-49E2-A1DD-F146FBBBA19E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.53:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7799F2BF-9C85-444A-970A-6F245463425F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.54:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"91854A06-32BC-4C9F-AA63-BA32F2B385DE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.55:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33509600-67E3-4C78-B0C4-4D62D70FCD94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.56:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"10237625-21BB-43A0-A7A2-EE662703391E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.57:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11E6E8FD-CAA5-4A93-ABD5-815B51D7DE9F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.58:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C3B5CB0-C094-471A-A6D5-2FBC91384FDC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.12.59:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B77FCA1E-99B4-4D10-9A59-65FE265C9DBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"50513044-C297-4D5E-BD45-6FD603A29F25\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.14.67:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4CB47E3-1DF7-4FB1-A436-F7648C8F0EEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.14.68:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F48C8632-E8C5-4907-AEDC-1B33D8A5AF04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:3.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5827B65-9941-4927-8D47-57229EEA290F\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.kernel.org/show_bug.cgi?id=195167\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://launchpad.net/bugs/1678676\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://bugzilla.kernel.org/show_bug.cgi?id=195167\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://launchpad.net/bugs/1678676\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]}]}}"
}
}
CERTFR-2017-AVI-390
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE . Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Public Cloud 12 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server 12-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Public Cloud 12",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-12153",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12153"
},
{
"name": "CVE-2017-14106",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14106"
},
{
"name": "CVE-2017-1000365",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000365"
},
{
"name": "CVE-2017-15274",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15274"
},
{
"name": "CVE-2015-9004",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9004"
},
{
"name": "CVE-2017-8831",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8831"
},
{
"name": "CVE-2017-15649",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15649"
},
{
"name": "CVE-2017-2647",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2647"
},
{
"name": "CVE-2017-11176",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11176"
},
{
"name": "CVE-2017-7482",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7482"
},
{
"name": "CVE-2017-6346",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6346"
},
{
"name": "CVE-2017-10661",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10661"
},
{
"name": "CVE-2017-12762",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12762"
},
{
"name": "CVE-2017-9242",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9242"
},
{
"name": "CVE-2017-14051",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14051"
},
{
"name": "CVE-2017-6951",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6951"
},
{
"name": "CVE-2017-9074",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9074"
},
{
"name": "CVE-2017-8925",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8925"
},
{
"name": "CVE-2017-9077",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9077"
},
{
"name": "CVE-2016-10229",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10229"
},
{
"name": "CVE-2017-9076",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9076"
},
{
"name": "CVE-2017-12154",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12154"
},
{
"name": "CVE-2017-1000363",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000363"
},
{
"name": "CVE-2017-8106",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8106"
},
{
"name": "CVE-2017-15265",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15265"
},
{
"name": "CVE-2017-7487",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7487"
},
{
"name": "CVE-2017-7541",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7541"
},
{
"name": "CVE-2017-7542",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7542"
},
{
"name": "CVE-2017-14140",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14140"
},
{
"name": "CVE-2017-8924",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8924"
},
{
"name": "CVE-2017-7889",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7889"
},
{
"name": "CVE-2017-1000380",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000380"
},
{
"name": "CVE-2016-9604",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9604"
},
{
"name": "CVE-2017-8890",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8890"
},
{
"name": "CVE-2017-9075",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9075"
},
{
"name": "CVE-2017-7518",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7518"
},
{
"name": "CVE-2016-10277",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10277"
},
{
"name": "CVE-2017-12192",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12192"
},
{
"name": "CVE-2017-13080",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13080"
}
],
"links": [],
"reference": "CERTFR-2017-AVI-390",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2017-11-03T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE . Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20172920-1 du 02 novembre 2017",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172920-1/"
}
]
}
CERTFR-2017-AVI-162
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un déni de service.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise Module pour Public Cloud 12 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP1 | ||
| SUSE | SUSE Linux Enterprise Desktop | SUSE Linux Enterprise Desktop 12-SP1 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 12-SP1 | ||
| SUSE | N/A | SUSE Linux Enterprise Software Development Kit 12-SP1 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Module pour Public Cloud 12",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP1",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 12-SP1",
"product": {
"name": "SUSE Linux Enterprise Desktop",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 12-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Software Development Kit 12-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-2117",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2117"
},
{
"name": "CVE-2017-7308",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7308"
},
{
"name": "CVE-2017-6348",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6348"
},
{
"name": "CVE-2017-2647",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2647"
},
{
"name": "CVE-2017-6353",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6353"
},
{
"name": "CVE-2017-6346",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6346"
},
{
"name": "CVE-2017-6951",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6951"
},
{
"name": "CVE-2015-1350",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1350"
},
{
"name": "CVE-2017-7645",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7645"
},
{
"name": "CVE-2016-3070",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3070"
},
{
"name": "CVE-2017-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6345"
},
{
"name": "CVE-2017-6214",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6214"
},
{
"name": "CVE-2016-5243",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5243"
},
{
"name": "CVE-2017-7616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7616"
},
{
"name": "CVE-2017-8106",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8106"
},
{
"name": "CVE-2017-7294",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7294"
},
{
"name": "CVE-2017-6074",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6074"
},
{
"name": "CVE-2017-2671",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2671"
},
{
"name": "CVE-2016-1004",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1004"
},
{
"name": "CVE-2016-1020",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1020"
},
{
"name": "CVE-2016-9588",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9588"
},
{
"name": "CVE-2017-5897",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5897"
},
{
"name": "CVE-2017-7187",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7187"
},
{
"name": "CVE-2016-9191",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9191"
},
{
"name": "CVE-2016-7117",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7117"
},
{
"name": "CVE-2017-5986",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5986"
},
{
"name": "CVE-2016-9604",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9604"
},
{
"name": "CVE-2017-7261",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7261"
},
{
"name": "CVE-2017-5669",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5669"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2017:1360-1 du 19 mai 2017",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20171360-1/"
}
],
"reference": "CERTFR-2017-AVI-162",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-05-22T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux de SUSE\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et un d\u00e9ni de service.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2017:1360-1 du 19 mai 2017",
"url": null
}
]
}
CERTFR-2017-AVI-162
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un déni de service.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise Module pour Public Cloud 12 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP1 | ||
| SUSE | SUSE Linux Enterprise Desktop | SUSE Linux Enterprise Desktop 12-SP1 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 12-SP1 | ||
| SUSE | N/A | SUSE Linux Enterprise Software Development Kit 12-SP1 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Module pour Public Cloud 12",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP1",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 12-SP1",
"product": {
"name": "SUSE Linux Enterprise Desktop",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 12-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Software Development Kit 12-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2016-2117",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2117"
},
{
"name": "CVE-2017-7308",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7308"
},
{
"name": "CVE-2017-6348",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6348"
},
{
"name": "CVE-2017-2647",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2647"
},
{
"name": "CVE-2017-6353",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6353"
},
{
"name": "CVE-2017-6346",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6346"
},
{
"name": "CVE-2017-6951",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6951"
},
{
"name": "CVE-2015-1350",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1350"
},
{
"name": "CVE-2017-7645",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7645"
},
{
"name": "CVE-2016-3070",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-3070"
},
{
"name": "CVE-2017-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6345"
},
{
"name": "CVE-2017-6214",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6214"
},
{
"name": "CVE-2016-5243",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5243"
},
{
"name": "CVE-2017-7616",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7616"
},
{
"name": "CVE-2017-8106",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8106"
},
{
"name": "CVE-2017-7294",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7294"
},
{
"name": "CVE-2017-6074",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6074"
},
{
"name": "CVE-2017-2671",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2671"
},
{
"name": "CVE-2016-1004",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1004"
},
{
"name": "CVE-2016-1020",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1020"
},
{
"name": "CVE-2016-9588",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9588"
},
{
"name": "CVE-2017-5897",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5897"
},
{
"name": "CVE-2017-7187",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7187"
},
{
"name": "CVE-2016-9191",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9191"
},
{
"name": "CVE-2016-7117",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-7117"
},
{
"name": "CVE-2017-5986",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5986"
},
{
"name": "CVE-2016-9604",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9604"
},
{
"name": "CVE-2017-7261",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7261"
},
{
"name": "CVE-2017-5669",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5669"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2017:1360-1 du 19 mai 2017",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20171360-1/"
}
],
"reference": "CERTFR-2017-AVI-162",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-05-22T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux de SUSE\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et un d\u00e9ni de service.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2017:1360-1 du 19 mai 2017",
"url": null
}
]
}
CERTFR-2017-AVI-390
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE . Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-LTSS | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Public Cloud 12 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server 12-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Public Cloud 12",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-12153",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12153"
},
{
"name": "CVE-2017-14106",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14106"
},
{
"name": "CVE-2017-1000365",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000365"
},
{
"name": "CVE-2017-15274",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15274"
},
{
"name": "CVE-2015-9004",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9004"
},
{
"name": "CVE-2017-8831",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8831"
},
{
"name": "CVE-2017-15649",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15649"
},
{
"name": "CVE-2017-2647",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2647"
},
{
"name": "CVE-2017-11176",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11176"
},
{
"name": "CVE-2017-7482",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7482"
},
{
"name": "CVE-2017-6346",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6346"
},
{
"name": "CVE-2017-10661",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-10661"
},
{
"name": "CVE-2017-12762",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12762"
},
{
"name": "CVE-2017-9242",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9242"
},
{
"name": "CVE-2017-14051",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14051"
},
{
"name": "CVE-2017-6951",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6951"
},
{
"name": "CVE-2017-9074",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9074"
},
{
"name": "CVE-2017-8925",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8925"
},
{
"name": "CVE-2017-9077",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9077"
},
{
"name": "CVE-2016-10229",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10229"
},
{
"name": "CVE-2017-9076",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9076"
},
{
"name": "CVE-2017-12154",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12154"
},
{
"name": "CVE-2017-1000363",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000363"
},
{
"name": "CVE-2017-8106",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8106"
},
{
"name": "CVE-2017-15265",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15265"
},
{
"name": "CVE-2017-7487",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7487"
},
{
"name": "CVE-2017-7541",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7541"
},
{
"name": "CVE-2017-7542",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7542"
},
{
"name": "CVE-2017-14140",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14140"
},
{
"name": "CVE-2017-8924",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8924"
},
{
"name": "CVE-2017-7889",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7889"
},
{
"name": "CVE-2017-1000380",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000380"
},
{
"name": "CVE-2016-9604",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-9604"
},
{
"name": "CVE-2017-8890",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-8890"
},
{
"name": "CVE-2017-9075",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9075"
},
{
"name": "CVE-2017-7518",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7518"
},
{
"name": "CVE-2016-10277",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-10277"
},
{
"name": "CVE-2017-12192",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12192"
},
{
"name": "CVE-2017-13080",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13080"
}
],
"links": [],
"reference": "CERTFR-2017-AVI-390",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2017-11-03T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE . Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20172920-1 du 02 novembre 2017",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172920-1/"
}
]
}
FKIE_CVE-2017-8106
Vulnerability from fkie_nvd - Published: 2017-04-24 23:59 - Updated: 2025-04-20 01:37
Severity ?
Summary
The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://bugzilla.kernel.org/show_bug.cgi?id=195167 | Issue Tracking | |
| cve@mitre.org | https://launchpad.net/bugs/1678676 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.kernel.org/show_bug.cgi?id=195167 | Issue Tracking | |
| af854a3a-2127-422b-91ae-364da2661108 | https://launchpad.net/bugs/1678676 | Issue Tracking |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12:*:*:*:*:*:*:*",
"matchCriteriaId": "B291154A-4B91-4A0E-AAAE-716A8BB7BF99",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D835FBA1-49DE-4184-BEC8-7ED2B3F7B0BB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "080BD3C9-0606-4D9A-B7AE-3DF9F75B8FF6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "CCDF0F11-3DB4-41F6-B6D3-383857884258",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "2FB1772A-F4AA-4AB8-9FC9-10993A6A5B46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.5:*:*:*:*:*:*:*",
"matchCriteriaId": "4DB5B4D7-C79C-448E-B0D4-A6A9C440F49C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7C9A32A2-C1EC-4463-B21F-79E6592C5339",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.7:*:*:*:*:*:*:*",
"matchCriteriaId": "DD8683B9-63EF-43D0-8E4F-2909429B47E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.8:*:*:*:*:*:*:*",
"matchCriteriaId": "91F6A187-E8B1-47CF-B375-FB453F8000F2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.9:*:*:*:*:*:*:*",
"matchCriteriaId": "97A4332E-E1D4-4B6E-B9FE-B33CCF083402",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "1949D7D6-7DD2-458B-89D3-B0090C8E9984",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.11:*:*:*:*:*:*:*",
"matchCriteriaId": "BA23201B-8DC1-4694-8DD9-661BC78F152A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.12:*:*:*:*:*:*:*",
"matchCriteriaId": "FDDB83D1-8A25-495E-BC27-0E2059255DEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.13:*:*:*:*:*:*:*",
"matchCriteriaId": "5BF8D075-08F5-4CF4-8416-9963CA6B04D3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.14:*:*:*:*:*:*:*",
"matchCriteriaId": "1E4ED579-E7D9-434A-A357-3D9056784227",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.15:*:*:*:*:*:*:*",
"matchCriteriaId": "79E9D537-1F1A-462B-A6D6-2DC4FF07A843",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.16:*:*:*:*:*:*:*",
"matchCriteriaId": "1B2AEF20-1F50-497D-AD1E-AC0ED7699DDE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.17:*:*:*:*:*:*:*",
"matchCriteriaId": "93A7B9D2-EF81-4952-AD6F-C5870331F17E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.18:*:*:*:*:*:*:*",
"matchCriteriaId": "1BACD07E-51D7-4081-89E0-276FE3ADCEAE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.19:*:*:*:*:*:*:*",
"matchCriteriaId": "D46AEA84-FDC3-41A3-9F63-D38290C9862F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.20:*:*:*:*:*:*:*",
"matchCriteriaId": "54C401E0-6258-4F25-82CF-B81B7624C509",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.21:*:*:*:*:*:*:*",
"matchCriteriaId": "0810E4B6-1510-46A6-9519-127E226BDE01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.22:*:*:*:*:*:*:*",
"matchCriteriaId": "B7BA4A7A-FF32-4763-8278-08C2DEBAA05A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.23:*:*:*:*:*:*:*",
"matchCriteriaId": "5B3E44C3-41FC-41A1-9ACF-1DD00DE06CFC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.24:*:*:*:*:*:*:*",
"matchCriteriaId": "860169C6-3AF9-4F00-869C-DE0DE289DF91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.25:*:*:*:*:*:*:*",
"matchCriteriaId": "51398597-A993-496F-84E4-993B74AC0508",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.26:*:*:*:*:*:*:*",
"matchCriteriaId": "B9879AED-F53E-47D7-ACA1-E61EBF3133EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.27:*:*:*:*:*:*:*",
"matchCriteriaId": "048698BF-3B0C-449C-9D2A-81B5CAB4A27F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.28:*:*:*:*:*:*:*",
"matchCriteriaId": "D4EED7A3-B40C-4C02-80B7-1836A3C4C2A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.29:*:*:*:*:*:*:*",
"matchCriteriaId": "4B72AFA7-C594-4BCF-BB79-F3EE675766A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.30:*:*:*:*:*:*:*",
"matchCriteriaId": "5195ED19-4482-435C-9224-20B0EDF6F114",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.31:*:*:*:*:*:*:*",
"matchCriteriaId": "D6AC043B-EACB-406C-B4D0-7B22CF8B0EEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.32:*:*:*:*:*:*:*",
"matchCriteriaId": "FEA5C700-05F9-4077-ACE6-8A7EE033B464",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.33:*:*:*:*:*:*:*",
"matchCriteriaId": "BE74D9A2-DCD6-4E14-B061-972EB7CF1EE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.34:*:*:*:*:*:*:*",
"matchCriteriaId": "E50006B4-3AB0-4FF2-9111-F0E1191D243C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.35:*:*:*:*:*:*:*",
"matchCriteriaId": "B654475F-4C5F-485E-BB77-CFEF6D214C75",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.36:*:*:*:*:*:*:*",
"matchCriteriaId": "2A4304FA-0868-4A81-B6E4-FBDF84B153AB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.37:*:*:*:*:*:*:*",
"matchCriteriaId": "2100C16C-437E-4EEC-BD04-D75CF3D02333",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.38:*:*:*:*:*:*:*",
"matchCriteriaId": "4EF474B9-2740-498C-909B-DBFD3FDC23CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.39:*:*:*:*:*:*:*",
"matchCriteriaId": "88F0A015-6CF7-4528-9CF9-E0E76CB3E1D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.40:*:*:*:*:*:*:*",
"matchCriteriaId": "09723483-B241-4D82-862C-AA0098F680CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.41:*:*:*:*:*:*:*",
"matchCriteriaId": "A084853B-91CB-4964-A498-9B4208152138",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.42:*:*:*:*:*:*:*",
"matchCriteriaId": "A19BA782-DCFB-48B6-973C-3AD050ED51F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.43:*:*:*:*:*:*:*",
"matchCriteriaId": "F87E856E-AD83-4EBF-BD06-4736B9116083",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.44:*:*:*:*:*:*:*",
"matchCriteriaId": "04D914E1-7229-4642-BDC9-5A8261E03538",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.45:*:*:*:*:*:*:*",
"matchCriteriaId": "BFDC2E5D-EF73-4DED-8E4C-8309BA53A092",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.46:*:*:*:*:*:*:*",
"matchCriteriaId": "9406CC5F-6D28-4836-BDD4-A50674F1333D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.47:*:*:*:*:*:*:*",
"matchCriteriaId": "124ADC63-CDA6-4A27-A844-4F33DB6A4031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.48:*:*:*:*:*:*:*",
"matchCriteriaId": "40FD9974-27BC-4DE4-9CB0-FC2D0CAA1D46",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.49:*:*:*:*:*:*:*",
"matchCriteriaId": "72559629-4BB1-4651-BEF7-B6E74683C401",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.50:*:*:*:*:*:*:*",
"matchCriteriaId": "8648EF03-5B27-40BD-90A0-59DC8120440B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.51:*:*:*:*:*:*:*",
"matchCriteriaId": "8C26111E-EF43-4CFA-977E-6658A7B62C27",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.52:*:*:*:*:*:*:*",
"matchCriteriaId": "06A8E46E-7CAB-49E2-A1DD-F146FBBBA19E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.53:*:*:*:*:*:*:*",
"matchCriteriaId": "7799F2BF-9C85-444A-970A-6F245463425F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.54:*:*:*:*:*:*:*",
"matchCriteriaId": "91854A06-32BC-4C9F-AA63-BA32F2B385DE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.55:*:*:*:*:*:*:*",
"matchCriteriaId": "33509600-67E3-4C78-B0C4-4D62D70FCD94",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.56:*:*:*:*:*:*:*",
"matchCriteriaId": "10237625-21BB-43A0-A7A2-EE662703391E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.57:*:*:*:*:*:*:*",
"matchCriteriaId": "11E6E8FD-CAA5-4A93-ABD5-815B51D7DE9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.58:*:*:*:*:*:*:*",
"matchCriteriaId": "3C3B5CB0-C094-471A-A6D5-2FBC91384FDC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.12.59:*:*:*:*:*:*:*",
"matchCriteriaId": "B77FCA1E-99B4-4D10-9A59-65FE265C9DBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.13:*:*:*:*:*:*:*",
"matchCriteriaId": "50513044-C297-4D5E-BD45-6FD603A29F25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.14.67:*:*:*:*:*:*:*",
"matchCriteriaId": "E4CB47E3-1DF7-4FB1-A436-F7648C8F0EEC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.14.68:*:*:*:*:*:*:*",
"matchCriteriaId": "F48C8632-E8C5-4907-AEDC-1B33D8A5AF04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:3.15:*:*:*:*:*:*:*",
"matchCriteriaId": "F5827B65-9941-4927-8D47-57229EEA290F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer."
},
{
"lang": "es",
"value": "La funci\u00f3n handle_invept de arch/x86/kvm/vmx.c del Kernel de Linux, versiones 3.12 a 3.15, permite a los usuarios privilegiados del sistema operativo hu\u00e9sped de KVM causar una denegaci\u00f3n de servicio (referencia a puntero nulo y ca\u00edda del sistema operativo anfitri\u00f3n) a trav\u00e9s de una instrucci\u00f3n single-context INVEPT con puntero EPT nulo."
}
],
"id": "CVE-2017-8106",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-04-24T23:59:00.753",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.kernel.org/show_bug.cgi?id=195167"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://launchpad.net/bugs/1678676"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.kernel.org/show_bug.cgi?id=195167"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking"
],
"url": "https://launchpad.net/bugs/1678676"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
SUSE-SU-2017:1360-1
Vulnerability from csaf_suse - Published: 2017-05-19 12:12 - Updated: 2017-05-19 12:12Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 12 SP1 kernel was updated to 3.12.74 to receive various security and bugfixes.
Notable new/improved features:
- Improved support for Hyper-V
- Support for the tcp_westwood TCP scheduling algorithm
The following security bugs were fixed:
- CVE-2017-8106: The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel allowed privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer (bsc#1035877).
- CVE-2017-6951: The keyring_search_aux function in security/keys/keyring.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the 'dead' type. (bsc#1029850).
- CVE-2017-2647: The KEYS subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c. (bsc#1030593)
- CVE-2016-9604: This fixes handling of keyrings starting with '.' in KEYCTL_JOIN_SESSION_KEYRING, which could have allowed local users to manipulate privileged keyrings (bsc#1035576)
- CVE-2017-7616: Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel allowed local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation. (bnc#1033336).
- CVE-2017-7645: The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel allowed remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c. (bsc#1034670).
- CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bnc#1031579)
- CVE-2017-2671: The ping_unhash function in net/ipv4/ping.c in the Linux kernel was too late in obtaining a certain lock and consequently could not ensure that disconnect function calls are safe, which allowed local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call (bnc#1031003)
- CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031440)
- CVE-2017-7261: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not check for a zero value of certain levels data, which allowed local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031052)
- CVE-2017-7187: The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function (bnc#1030213)
- CVE-2016-9588: arch/x86/kvm/vmx.c in the Linux kernel mismanaged the #BP and #OF exceptions, which allowed guest OS users to cause a denial of service (guest OS crash) by declining to handle an exception thrown by an L2 guest (bsc#1015703).
- CVE-2017-5669: The do_shmat function in ipc/shm.c in the Linux kernel did not restrict the address calculated by a certain rounding operation, which allowed local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context (bnc#1026914).
- CVE-2016-10200: Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c (bnc#1028415)
- CVE-2016-10208: The ext4_fill_super function in fs/ext4/super.c in the Linux kernel did not properly validate meta block groups, which allowed physically proximate attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image (bnc#1023377).
- CVE-2017-5897: The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allowed remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access (bsc#1023762).
- CVE-2017-5986: A race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel allowed local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state (bsc#1025235).
- CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandled DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allowed local users to obtain root privileges or cause a denial of service (double free) via an application that made an IPV6_RECVPKTINFO setsockopt system call (bnc#1026024)
- CVE-2016-9191: The cgroup offline implementation in the Linux kernel mishandled certain drain operations, which allowed local users to cause a denial of service (system hang) by leveraging access to a container environment for executing a crafted application (bnc#1008842)
- CVE-2017-6348: The hashbin_delete function in net/irda/irqueue.c in the Linux kernel improperly managed lock dropping, which allowed local users to cause a denial of service (deadlock) via crafted operations on IrDA devices (bnc#1027178).
- CVE-2016-10044: The aio_mount function in fs/aio.c in the Linux kernel did not properly restrict execute access, which made it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an io_setup system call (bnc#1023992).
- CVE-2016-3070: The trace_writeback_dirty_page implementation in include/trace/events/writeback.h in the Linux kernel improperly interacts with mm/migrate.c, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by triggering a certain page move (bnc#979215).
- CVE-2016-5243: The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel did not properly copy a certain string, which allowed local users to obtain sensitive information from kernel stack memory by reading a Netlink message (bnc#983212).
- CVE-2017-6345: The LLC subsystem in the Linux kernel did not ensure that a certain destructor exists in required circumstances, which allowed local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls (bnc#1027190)
- CVE-2017-6346: Race condition in net/packet/af_packet.c in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that made PACKET_FANOUT setsockopt system calls (bnc#1027189)
- CVE-2017-6353: net/sctp/socket.c in the Linux kernel did not properly restrict association peel-off operations during certain wait states, which allowed local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986 (bnc#1027066)
- CVE-2017-5986: Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel allowed local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state (bsc#1025235).
- CVE-2017-6214: The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel allowed remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag (bnc#1026722)
- CVE-2016-2117: The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel incorrectly enables scatter/gather I/O, which allowed remote attackers to obtain sensitive information from kernel memory by reading packet data (bnc#968697)
- CVE-2015-1350: The VFS subsystem in the Linux kernel provided an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allowed local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program (bsc#914939).
- CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bsc#1003077).
The following non-security bugs were fixed:
- ACPI / APEI: Fix NMI notification handling (bsc#917630).
- arch: Mass conversion of smp_mb__*() (bsc#1020795).
- asm-generic: add __smp_xxx wrappers (bsc#1020795).
- block: remove struct request buffer member (bsc#1020795).
- block: submit_bio_wait() conversions (bsc#1020795).
- bonding: Advertize vxlan offload features when supported (bsc#1009682).
- bonding: handle more gso types (bsc#1009682).
- bonding: use the correct ether type for alb (bsc#1028595).
- btrfs: allow unlink to exceed subvolume quota (bsc#1015821).
- btrfs: Change qgroup_meta_rsv to 64bit (bsc#1015821).
- btrfs: fix btrfs_compat_ioctl failures on non-compat ioctls (bsc#1018100).
- btrfs: make file clone aware of fatal signals (bsc#1015787).
- btrfs: qgroups: Retry after commit on getting EDQUOT (bsc#1015821).
- cancel the setfilesize transation when io error happen (bsc#1028648).
- cgroup: remove stray references to css_id (bsc#1020795).
- cpuidle: powernv/pseries: Auto-promotion of snooze to deeper idle state (bnc#1023164).
- dm: add era target (bsc#1020795).
- dm: allow remove to be deferred (bsc#1020795).
- dm bitset: only flush the current word if it has been dirtied (bsc#1020795).
- dm btree: add dm_btree_find_lowest_key (bsc#1020795).
- dm cache: actually resize cache (bsc#1020795).
- dm cache: add block sizes and total cache blocks to status output (bsc#1020795).
- dm cache: add cache block invalidation support (bsc#1020795).
- dm cache: add passthrough mode (bsc#1020795).
- dm cache: add policy name to status output (bsc#1020795).
- dm cache: add remove_cblock method to policy interface (bsc#1020795).
- dm cache: be much more aggressive about promoting writes to discarded blocks (bsc#1020795).
- dm cache: cache shrinking support (bsc#1020795).
- dm cache: do not add migration to completed list before unhooking bio (bsc#1020795).
- dm cache: fix a lock-inversion (bsc#1020795).
- dm cache: fix truncation bug when mapping I/O to more than 2TB fast device (bsc#1020795).
- dm cache: fix writethrough mode quiescing in cache_map (bsc#1020795).
- dm cache: improve efficiency of quiescing flag management (bsc#1020795).
- dm cache: io destined for the cache device can now serve as tick bios (bsc#1020795).
- dm cache: log error message if dm_kcopyd_copy() fails (bsc#1020795).
- dm cache metadata: check the metadata version when reading the superblock (bsc#1020795).
- dm cache metadata: return bool from __superblock_all_zeroes (bsc#1020795).
- dm cache: move hook_info into common portion of per_bio_data structure (bsc#1020795).
- dm cache: optimize commit_if_needed (bsc#1020795).
- dm cache policy mq: a few small fixes (bsc#1020795).
- dm cache policy mq: fix promotions to occur as expected (bsc#1020795).
- dm cache policy mq: implement writeback_work() and mq_{set,clear}_dirty() (bsc#1020795).
- dm cache policy mq: introduce three promotion threshold tunables (bsc#1020795).
- dm cache policy mq: protect residency method with existing mutex (bsc#1020795).
- dm cache policy mq: reduce memory requirements (bsc#1020795).
- dm cache policy mq: use list_del_init instead of list_del + INIT_LIST_HEAD (bsc#1020795).
- dm cache policy: remove return from void policy_remove_mapping (bsc#1020795).
- dm cache: promotion optimisation for writes (bsc#1020795).
- dm cache: resolve small nits and improve Documentation (bsc#1020795).
- dm cache: return -EINVAL if the user specifies unknown cache policy (bsc#1020795).
- dm cache: use cell_defer() boolean argument consistently (bsc#1020795).
- dm: change sector_count member in clone_info from sector_t to unsigned (bsc#1020795).
- dm crypt: add TCW IV mode for old CBC TCRYPT containers (bsc#1020795).
- dm crypt: properly handle extra key string in initialization (bsc#1020795).
- dm delay: use per-bio data instead of a mempool and slab cache (bsc#1020795).
- dm: fix Kconfig indentation (bsc#1020795).
- dm: fix Kconfig menu indentation (bsc#1020795).
- dm: make dm_table_alloc_md_mempools static (bsc#1020795).
- dm mpath: do not call pg_init when it is already running (bsc#1020795).
- dm mpath: fix lock order inconsistency in multipath_ioctl (bsc#1020795).
- dm mpath: print more useful warnings in multipath_message() (bsc#1020795).
- dm mpath: push back requests instead of queueing (bsc#1020795).
- dm mpath: really fix lockdep warning (bsc#1020795).
- dm mpath: reduce memory pressure when requeuing (bsc#1020795).
- dm mpath: remove extra nesting in map function (bsc#1020795).
- dm mpath: remove map_io() (bsc#1020795).
- dm mpath: remove process_queued_ios() (bsc#1020795).
- dm mpath: requeue I/O during pg_init (bsc#1020795).
- dm persistent data: cleanup dm-thin specific references in text (bsc#1020795).
- dm snapshot: call destroy_work_on_stack() to pair with INIT_WORK_ONSTACK() (bsc#1020795).
- dm snapshot: fix metadata corruption (bsc#1020795).
- dm snapshot: prepare for switch to using dm-bufio (bsc#1020795).
- dm snapshot: use dm-bufio (bsc#1020795).
- dm snapshot: use dm-bufio prefetch (bsc#1020795).
- dm snapshot: use GFP_KERNEL when initializing exceptions (bsc#1020795).
- dm space map disk: optimise sm_disk_dec_block (bsc#1020795).
- dm space map metadata: limit errors in sm_metadata_new_block (bsc#1020795).
- dm: stop using bi_private (bsc#1020795).
- dm table: add dm_table_run_md_queue_async (bsc#1020795).
- dm table: print error on preresume failure (bsc#1020795).
- dm table: remove unused buggy code that extends the targets array (bsc#1020795).
- dm thin: add error_if_no_space feature (bsc#1020795).
- dm thin: add mappings to end of prepared_* lists (bsc#1020795).
- dm thin: add 'no_space_timeout' dm-thin-pool module param (bsc#1020795).
- dm thin: add timeout to stop out-of-data-space mode holding IO forever (bsc#1020795).
- dm thin: allow metadata commit if pool is in PM_OUT_OF_DATA_SPACE mode (bsc#1020795).
- dm thin: allow metadata space larger than supported to go unused (bsc#1020795).
- dm thin: cleanup and improve no space handling (bsc#1020795).
- dm thin: eliminate the no_free_space flag (bsc#1020795).
- dm thin: ensure user takes action to validate data and metadata consistency (bsc#1020795).
- dm thin: factor out check_low_water_mark and use bools (bsc#1020795).
- dm thin: fix deadlock in __requeue_bio_list (bsc#1020795).
- dm thin: fix noflush suspend IO queueing (bsc#1020795).
- dm thin: fix out of data space handling (bsc#1020795).
- dm thin: fix pool feature parsing (bsc#1020795).
- dm thin: fix rcu_read_lock being held in code that can sleep (bsc#1020795).
- dm thin: handle metadata failures more consistently (bsc#1020795).
- dm thin: irqsave must always be used with the pool->lock spinlock (bsc#1020795).
- dm thin: log info when growing the data or metadata device (bsc#1020795).
- dm thin: requeue bios to DM core if no_free_space and in read-only mode (bsc#1020795).
- dm thin: return error from alloc_data_block if pool is not in write mode (bsc#1020795).
- dm thin: simplify pool_is_congested (bsc#1020795).
- dm thin: sort the per thin deferred bios using an rb_tree (bsc#1020795).
- dm thin: synchronize the pool mode during suspend (bsc#1020795).
- dm thin: use bool rather than unsigned for flags in structures (bsc#1020795).
- dm thin: use INIT_WORK_ONSTACK in noflush_work to avoid ODEBUG warning (bsc#1020795).
- dm thin: use per thin device deferred bio lists (bsc#1020795).
- dm: use RCU_INIT_POINTER instead of rcu_assign_pointer in __unbind (bsc#1020795).
- drm/i915: relax uncritical udelay_range() (bsc#1038261).
- ether: add loopback type ETH_P_LOOPBACK (bsc#1028595).
- ext4: fix bh leak on error paths in ext4_rename() and ext4_cross_rename() (bsc#1012985).
- ext4: fix fencepost in s_first_meta_bg validation (bsc#1029986).
- ext4: mark inode dirty after converting inline directory (bsc#1012985).
- ftrace: Make ftrace_location_range() global (FATE#322421).
- HID: usbhid: improve handling of Clear-Halt and reset (bsc#1031080).
- hv: util: catch allocation errors
- hv: utils: use memdup_user in hvt_op_write
- hwrng: virtio - ensure reads happen after successful probe (bsc#954763 bsc#1032344).
- i40e: avoid null pointer dereference (bsc#922853).
- i40e/i40evf: Break up xmit_descriptor_count from maybe_stop_tx (bsc#985561).
- i40e/i40evf: Limit TSO to 7 descriptors for payload instead of 8 per packet (bsc#985561).
- i40e/i40evf: Rewrite logic for 8 descriptor per packet check (bsc#985561).
- i40e: Impose a lower limit on gso size (bsc#985561).
- i40e: Limit TX descriptor count in cases where frag size is greater than 16K (bsc#985561).
- iommu/vt-d: Flush old iommu caches for kdump when the device gets context mapped (bsc#1023824).
- iommu/vt-d: Tylersburg isoch identity map check is done too late (bsc#1032125).
- ipv6: make ECMP route replacement less greedy (bsc#930399).
- kabi: hide changes in struct sk_buff (bsc#1009682).
- KABI: Hide new include in arch/powerpc/kernel/process.c (fate#322421).
- kABI: mask struct xfs_icdinode change (bsc#1024788).
- kABI: protect struct inet6_dev (kabi).
- kABI: protect struct iscsi_conn (bsc#103470).
- kABI: protect struct xfs_buftarg and struct xfs_mount (bsc#1024508).
- kABI: restore can_rx_register parameters (kabi).
- kernel/watchdog: use nmi registers snapshot in hardlockup handler (bsc#940946, bsc#937444).
- kgr: Mark eeh_event_handler() kthread safe using a timeout (bsc#1031662).
- kgr/module: make a taint flag module-specific
- kgr: remove unneeded kgr_needs_lazy_migration() s390x definition
- l2tp: fix address test in __l2tp_ip6_bind_lookup() (bsc#1028415).
- l2tp: fix lookup for sockets not bound to a device in l2tp_ip (bsc#1028415).
- l2tp: fix racy socket lookup in l2tp_ip and l2tp_ip6 bind() (bsc#1028415).
- l2tp: hold socket before dropping lock in l2tp_ip{, 6}_recv() (bsc#1028415).
- l2tp: hold tunnel socket when handling control frames in l2tp_ip and l2tp_ip6 (bsc#1028415).
- l2tp: lock socket before checking flags in connect() (bsc#1028415).
- livepatch: Allow architectures to specify an alternate ftrace location (FATE#322421).
- locking/semaphore: Add down_interruptible_timeout() (bsc#1031662).
- md: avoid oops on unload if some process is in poll or select (bsc#1020795).
- md: Convert use of typedef ctl_table to struct ctl_table (bsc#1020795).
- md: ensure metadata is writen after raid level change (bsc#1020795).
- md linear: fix a race between linear_add() and linear_congested() (bsc#1018446).
- md: md_clear_badblocks should return an error code on failure (bsc#1020795).
- md: refuse to change shape of array if it is active but read-only (bsc#1020795).
- megaraid_sas: add missing curly braces in ioctl handler (bsc#1023207).
- megaraid_sas: Fixup tgtid count in megasas_ld_list_query() (bsc#971933).
- mm/huge_memory.c: respect FOLL_FORCE/FOLL_COW for thp (bnc#1030118).
- mm, memcg: do not retry precharge charges (bnc#1022559).
- mm/mempolicy.c: do not put mempolicy before using its nodemask (References: VM Performance, bnc#931620).
- mm/page_alloc: fix nodes for reclaim in fast path (bnc#1031842).
- module: move add_taint_module() to a header file
- net: Add skb_gro_postpull_rcsum to udp and vxlan (bsc#1009682).
- net: add skb_pop_rcv_encapsulation (bsc#1009682).
- net: Call skb_checksum_init in IPv4 (bsc#1009682).
- net: Call skb_checksum_init in IPv6 (bsc#1009682).
- netfilter: allow logging fron non-init netns (bsc#970083).
- net: Generalize checksum_init functions (bsc#1009682).
- net: Preserve CHECKSUM_COMPLETE at validation (bsc#1009682).
- NFS: do not try to cross a mountpount when there isn't one there (bsc#1028041).
- NFS: Expedite unmount of NFS auto-mounts (bnc#1025802).
- NFS: Fix a performance regression in readdir (bsc#857926).
- NFS: flush out dirty data on file fput() (bsc#1021762).
- ocfs2: do not write error flag to user structure we cannot copy from/to (bsc#1012985).
- powerpc: Blacklist GCC 5.4 6.1 and 6.2 (boo#1028895).
- powerpc: Create a helper for getting the kernel toc value (FATE#322421).
- powerpc/fadump: Fix the race in crash_fadump() (bsc#1022971).
- powerpc/fadump: Reserve memory at an offset closer to bottom of RAM (bsc#1032141).
- powerpc/fadump: Update fadump documentation (bsc#1032141).
- powerpc/ftrace: Add Kconfig & Make glue for mprofile-kernel (FATE#322421).
- powerpc/ftrace: Add support for -mprofile-kernel ftrace ABI (FATE#322421).
- powerpc/ftrace: Use $(CC_FLAGS_FTRACE) when disabling ftrace (FATE#322421).
- powerpc/ftrace: Use generic ftrace_modify_all_code() (FATE#322421).
- powerpc: introduce TIF_KGR_IN_PROGRESS thread flag (FATE#322421).
- powerpc/kgraft: Add kgraft header (FATE#322421).
- powerpc/kgraft: Add kgraft stack to struct thread_info (FATE#322421).
- powerpc/kgraft: Add live patching support on ppc64le (FATE#322421).
- powerpc/module: Create a special stub for ftrace_caller() (FATE#322421).
- powerpc/module: Mark module stubs with a magic value (FATE#322421).
- powerpc/module: Only try to generate the ftrace_caller() stub once (FATE#322421).
- powerpc/modules: Never restore r2 for a mprofile-kernel style mcount() call (FATE#322421).
- powerpc/prom: Increase minimum RMA size to 512MB (bsc#984530).
- powerpc/pseries/cpuidle: Remove MAX_IDLE_STATE macro (bnc#1023164).
- powerpc/pseries/cpuidle: Use cpuidle_register() for initialisation (bnc#1023164).
- powerpc: Reject binutils 2.24 when building little endian (boo#1028895).
- RAID1: avoid unnecessary spin locks in I/O barrier code (bsc#982783,bsc#1020048).
- raid1: include bio_end_io_list in nr_queued to prevent freeze_array hang
- remove mpath patches from dmcache backport, for bsc#1035738
- revert 'procfs: mark thread stack correctly in proc/PID/maps' (bnc#1030901).
- Revert 'RDMA/core: Fix incorrect structure packing for booleans' (kabi).
- rtnetlink: allow to register ops without ops->setup set (bsc#1021374).
- s390/zcrypt: Introduce CEX6 toleration (FATE#321783, LTC#147506, bsc#1019514).
- sched/loadavg: Avoid loadavg spikes caused by delayed NO_HZ accounting (bsc#1018419).
- scsi_error: count medium access timeout only once per EH run (bsc#993832, bsc#1032345).
- scsi: libiscsi: add lock around task lists to fix list corruption regression (bsc#1034700).
- scsi: storvsc: fix SRB_STATUS_ABORTED handling
- sfc: reduce severity of PIO buffer alloc failures (bsc#1019168).
- svcrpc: fix gss-proxy NULL dereference in some error cases (bsc#1024309).
- taint/module: Clean up global and module taint flags handling
- tcp: abort orphan sockets stalling on zero window probes (bsc#1021913).
- thp: fix MADV_DONTNEED vs. numa balancing race (bnc#1027974).
- thp: reduce indentation level in change_huge_pmd() (bnc#1027974).
- treewide: fix 'distingush' typo (bsc#1020795).
- tree-wide: use reinit_completion instead of INIT_COMPLETION (bsc#1020795).
- usb: dwc3: gadget: Fix incorrect DEPCMD and DGCMD status macros (bsc#1035699).
- usb: host: xhci: print correct command ring address (bnc#1035699).
- USB: serial: kl5kusb105: fix line-state error handling (bsc#1021256).
- vfs: Do not exchange 'short' filenames unconditionally (bsc#1012985).
- vfs: split generic splice code from i_mutex locking (bsc#1024788).
- vmxnet3: segCnt can be 1 for LRO packets (bsc#988065).
- VSOCK: Detach QP check should filter out non matching QPs (bsc#1036752).
- vxlan: cancel sock_work in vxlan_dellink() (bsc#1031567).
- vxlan: Checksum fixes (bsc#1009682).
- vxlan: GRO support at tunnel layer (bsc#1009682).
- xen-blkfront: correct maximum segment accounting (bsc#1018263).
- xen-blkfront: do not call talk_to_blkback when already connected to blkback.
- xen-blkfront: free resources if xlvbd_alloc_gendisk fails.
- xfs_dmapi: fix the debug compilation of xfs_dmapi (bsc#989056).
- xfs: do not allow di_size with high bit set (bsc#1024234).
- xfs: do not assert fail on non-async buffers on ioacct decrement (bsc#1024508).
- xfs: exclude never-released buffers from buftarg I/O accounting (bsc#1024508).
- xfs: fix broken multi-fsb buffer logging (bsc#1024081).
- xfs: fix buffer overflow dm_get_dirattrs/dm_get_dirattrs2 (bsc#989056).
- xfs: Fix lock ordering in splice write (bsc#1024788).
- xfs: fix up xfs_swap_extent_forks inline extent handling (bsc#1023888).
- xfs: Make xfs_icdinode->di_dmstate atomic_t (bsc#1024788).
- xfs: pass total block res. as total xfs_bmapi_write() parameter (bsc#1029470).
- xfs: replace global xfslogd wq with per-mount wq (bsc#1024508).
- xfs: track and serialize in-flight async buffers against unmount (bsc#1024508).
Patchnames: SUSE-SLE-DESKTOP-12-SP1-2017-831,SUSE-SLE-Live-Patching-12-2017-831,SUSE-SLE-Module-Public-Cloud-12-2017-831,SUSE-SLE-SDK-12-SP1-2017-831,SUSE-SLE-SERVER-12-SP1-2017-831,SUSE-SLE-WE-12-SP1-2017-831
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.2 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.1 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.4 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.2 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.2 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.1 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.5 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP1 kernel was updated to 3.12.74 to receive various security and bugfixes.\n\nNotable new/improved features:\n- Improved support for Hyper-V\n- Support for the tcp_westwood TCP scheduling algorithm\n\nThe following security bugs were fixed:\n\n- CVE-2017-8106: The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel allowed privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer (bsc#1035877).\n- CVE-2017-6951: The keyring_search_aux function in security/keys/keyring.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the \u0027dead\u0027 type. (bsc#1029850).\n- CVE-2017-2647: The KEYS subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c. (bsc#1030593)\n- CVE-2016-9604: This fixes handling of keyrings starting with \u0027.\u0027 in KEYCTL_JOIN_SESSION_KEYRING, which could have allowed local users to manipulate privileged keyrings (bsc#1035576)\n- CVE-2017-7616: Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel allowed local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation. (bnc#1033336).\n- CVE-2017-7645: The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel allowed remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c. (bsc#1034670).\n- CVE-2017-7308: The packet_set_ring function in net/packet/af_packet.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of service (overflow) or possibly have unspecified other impact via crafted system calls (bnc#1031579)\n- CVE-2017-2671: The ping_unhash function in net/ipv4/ping.c in the Linux kernel was too late in obtaining a certain lock and consequently could not ensure that disconnect function calls are safe, which allowed local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call (bnc#1031003)\n- CVE-2017-7294: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not validate addition of certain levels data, which allowed local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031440)\n- CVE-2017-7261: The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel did not check for a zero value of certain levels data, which allowed local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device (bnc#1031052)\n- CVE-2017-7187: The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel allowed local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function (bnc#1030213)\n- CVE-2016-9588: arch/x86/kvm/vmx.c in the Linux kernel mismanaged the #BP and #OF exceptions, which allowed guest OS users to cause a denial of service (guest OS crash) by declining to handle an exception thrown by an L2 guest (bsc#1015703).\n- CVE-2017-5669: The do_shmat function in ipc/shm.c in the Linux kernel did not restrict the address calculated by a certain rounding operation, which allowed local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context (bnc#1026914).\n- CVE-2016-10200: Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c (bnc#1028415)\n- CVE-2016-10208: The ext4_fill_super function in fs/ext4/super.c in the Linux kernel did not properly validate meta block groups, which allowed physically proximate attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image (bnc#1023377).\n- CVE-2017-5897: The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allowed remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access (bsc#1023762).\n- CVE-2017-5986: A race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel allowed local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state (bsc#1025235).\n- CVE-2017-6074: The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel mishandled DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allowed local users to obtain root privileges or cause a denial of service (double free) via an application that made an IPV6_RECVPKTINFO setsockopt system call (bnc#1026024)\n- CVE-2016-9191: The cgroup offline implementation in the Linux kernel mishandled certain drain operations, which allowed local users to cause a denial of service (system hang) by leveraging access to a container environment for executing a crafted application (bnc#1008842)\n- CVE-2017-6348: The hashbin_delete function in net/irda/irqueue.c in the Linux kernel improperly managed lock dropping, which allowed local users to cause a denial of service (deadlock) via crafted operations on IrDA devices (bnc#1027178).\n- CVE-2016-10044: The aio_mount function in fs/aio.c in the Linux kernel did not properly restrict execute access, which made it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an io_setup system call (bnc#1023992).\n- CVE-2016-3070: The trace_writeback_dirty_page implementation in include/trace/events/writeback.h in the Linux kernel improperly interacts with mm/migrate.c, which allowed local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by triggering a certain page move (bnc#979215).\n- CVE-2016-5243: The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel did not properly copy a certain string, which allowed local users to obtain sensitive information from kernel stack memory by reading a Netlink message (bnc#983212).\n- CVE-2017-6345: The LLC subsystem in the Linux kernel did not ensure that a certain destructor exists in required circumstances, which allowed local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls (bnc#1027190)\n- CVE-2017-6346: Race condition in net/packet/af_packet.c in the Linux kernel allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that made PACKET_FANOUT setsockopt system calls (bnc#1027189)\n- CVE-2017-6353: net/sctp/socket.c in the Linux kernel did not properly restrict association peel-off operations during certain wait states, which allowed local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986 (bnc#1027066)\n- CVE-2017-5986: Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel allowed local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state (bsc#1025235).\n- CVE-2017-6214: The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel allowed remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag (bnc#1026722)\n- CVE-2016-2117: The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel incorrectly enables scatter/gather I/O, which allowed remote attackers to obtain sensitive information from kernel memory by reading packet data (bnc#968697)\n- CVE-2015-1350: The VFS subsystem in the Linux kernel provided an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allowed local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program (bsc#914939).\n- CVE-2016-7117: Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel allowed remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing (bsc#1003077).\n\nThe following non-security bugs were fixed:\n\n- ACPI / APEI: Fix NMI notification handling (bsc#917630).\n- arch: Mass conversion of smp_mb__*() (bsc#1020795).\n- asm-generic: add __smp_xxx wrappers (bsc#1020795).\n- block: remove struct request buffer member (bsc#1020795).\n- block: submit_bio_wait() conversions (bsc#1020795).\n- bonding: Advertize vxlan offload features when supported (bsc#1009682).\n- bonding: handle more gso types (bsc#1009682).\n- bonding: use the correct ether type for alb (bsc#1028595).\n- btrfs: allow unlink to exceed subvolume quota (bsc#1015821).\n- btrfs: Change qgroup_meta_rsv to 64bit (bsc#1015821).\n- btrfs: fix btrfs_compat_ioctl failures on non-compat ioctls (bsc#1018100).\n- btrfs: make file clone aware of fatal signals (bsc#1015787).\n- btrfs: qgroups: Retry after commit on getting EDQUOT (bsc#1015821).\n- cancel the setfilesize transation when io error happen (bsc#1028648).\n- cgroup: remove stray references to css_id (bsc#1020795).\n- cpuidle: powernv/pseries: Auto-promotion of snooze to deeper idle state (bnc#1023164).\n- dm: add era target (bsc#1020795).\n- dm: allow remove to be deferred (bsc#1020795).\n- dm bitset: only flush the current word if it has been dirtied (bsc#1020795).\n- dm btree: add dm_btree_find_lowest_key (bsc#1020795).\n- dm cache: actually resize cache (bsc#1020795).\n- dm cache: add block sizes and total cache blocks to status output (bsc#1020795).\n- dm cache: add cache block invalidation support (bsc#1020795).\n- dm cache: add passthrough mode (bsc#1020795).\n- dm cache: add policy name to status output (bsc#1020795).\n- dm cache: add remove_cblock method to policy interface (bsc#1020795).\n- dm cache: be much more aggressive about promoting writes to discarded blocks (bsc#1020795).\n- dm cache: cache shrinking support (bsc#1020795).\n- dm cache: do not add migration to completed list before unhooking bio (bsc#1020795).\n- dm cache: fix a lock-inversion (bsc#1020795).\n- dm cache: fix truncation bug when mapping I/O to more than 2TB fast device (bsc#1020795).\n- dm cache: fix writethrough mode quiescing in cache_map (bsc#1020795).\n- dm cache: improve efficiency of quiescing flag management (bsc#1020795).\n- dm cache: io destined for the cache device can now serve as tick bios (bsc#1020795).\n- dm cache: log error message if dm_kcopyd_copy() fails (bsc#1020795).\n- dm cache metadata: check the metadata version when reading the superblock (bsc#1020795).\n- dm cache metadata: return bool from __superblock_all_zeroes (bsc#1020795).\n- dm cache: move hook_info into common portion of per_bio_data structure (bsc#1020795).\n- dm cache: optimize commit_if_needed (bsc#1020795).\n- dm cache policy mq: a few small fixes (bsc#1020795).\n- dm cache policy mq: fix promotions to occur as expected (bsc#1020795).\n- dm cache policy mq: implement writeback_work() and mq_{set,clear}_dirty() (bsc#1020795).\n- dm cache policy mq: introduce three promotion threshold tunables (bsc#1020795).\n- dm cache policy mq: protect residency method with existing mutex (bsc#1020795).\n- dm cache policy mq: reduce memory requirements (bsc#1020795).\n- dm cache policy mq: use list_del_init instead of list_del + INIT_LIST_HEAD (bsc#1020795).\n- dm cache policy: remove return from void policy_remove_mapping (bsc#1020795).\n- dm cache: promotion optimisation for writes (bsc#1020795).\n- dm cache: resolve small nits and improve Documentation (bsc#1020795).\n- dm cache: return -EINVAL if the user specifies unknown cache policy (bsc#1020795).\n- dm cache: use cell_defer() boolean argument consistently (bsc#1020795).\n- dm: change sector_count member in clone_info from sector_t to unsigned (bsc#1020795).\n- dm crypt: add TCW IV mode for old CBC TCRYPT containers (bsc#1020795).\n- dm crypt: properly handle extra key string in initialization (bsc#1020795).\n- dm delay: use per-bio data instead of a mempool and slab cache (bsc#1020795).\n- dm: fix Kconfig indentation (bsc#1020795).\n- dm: fix Kconfig menu indentation (bsc#1020795).\n- dm: make dm_table_alloc_md_mempools static (bsc#1020795).\n- dm mpath: do not call pg_init when it is already running (bsc#1020795).\n- dm mpath: fix lock order inconsistency in multipath_ioctl (bsc#1020795).\n- dm mpath: print more useful warnings in multipath_message() (bsc#1020795).\n- dm mpath: push back requests instead of queueing (bsc#1020795).\n- dm mpath: really fix lockdep warning (bsc#1020795).\n- dm mpath: reduce memory pressure when requeuing (bsc#1020795).\n- dm mpath: remove extra nesting in map function (bsc#1020795).\n- dm mpath: remove map_io() (bsc#1020795).\n- dm mpath: remove process_queued_ios() (bsc#1020795).\n- dm mpath: requeue I/O during pg_init (bsc#1020795).\n- dm persistent data: cleanup dm-thin specific references in text (bsc#1020795).\n- dm snapshot: call destroy_work_on_stack() to pair with INIT_WORK_ONSTACK() (bsc#1020795).\n- dm snapshot: fix metadata corruption (bsc#1020795).\n- dm snapshot: prepare for switch to using dm-bufio (bsc#1020795).\n- dm snapshot: use dm-bufio (bsc#1020795).\n- dm snapshot: use dm-bufio prefetch (bsc#1020795).\n- dm snapshot: use GFP_KERNEL when initializing exceptions (bsc#1020795).\n- dm space map disk: optimise sm_disk_dec_block (bsc#1020795).\n- dm space map metadata: limit errors in sm_metadata_new_block (bsc#1020795).\n- dm: stop using bi_private (bsc#1020795).\n- dm table: add dm_table_run_md_queue_async (bsc#1020795).\n- dm table: print error on preresume failure (bsc#1020795).\n- dm table: remove unused buggy code that extends the targets array (bsc#1020795).\n- dm thin: add error_if_no_space feature (bsc#1020795).\n- dm thin: add mappings to end of prepared_* lists (bsc#1020795).\n- dm thin: add \u0027no_space_timeout\u0027 dm-thin-pool module param (bsc#1020795).\n- dm thin: add timeout to stop out-of-data-space mode holding IO forever (bsc#1020795).\n- dm thin: allow metadata commit if pool is in PM_OUT_OF_DATA_SPACE mode (bsc#1020795).\n- dm thin: allow metadata space larger than supported to go unused (bsc#1020795).\n- dm thin: cleanup and improve no space handling (bsc#1020795).\n- dm thin: eliminate the no_free_space flag (bsc#1020795).\n- dm thin: ensure user takes action to validate data and metadata consistency (bsc#1020795).\n- dm thin: factor out check_low_water_mark and use bools (bsc#1020795).\n- dm thin: fix deadlock in __requeue_bio_list (bsc#1020795).\n- dm thin: fix noflush suspend IO queueing (bsc#1020795).\n- dm thin: fix out of data space handling (bsc#1020795).\n- dm thin: fix pool feature parsing (bsc#1020795).\n- dm thin: fix rcu_read_lock being held in code that can sleep (bsc#1020795).\n- dm thin: handle metadata failures more consistently (bsc#1020795).\n- dm thin: irqsave must always be used with the pool-\u003elock spinlock (bsc#1020795).\n- dm thin: log info when growing the data or metadata device (bsc#1020795).\n- dm thin: requeue bios to DM core if no_free_space and in read-only mode (bsc#1020795).\n- dm thin: return error from alloc_data_block if pool is not in write mode (bsc#1020795).\n- dm thin: simplify pool_is_congested (bsc#1020795).\n- dm thin: sort the per thin deferred bios using an rb_tree (bsc#1020795).\n- dm thin: synchronize the pool mode during suspend (bsc#1020795).\n- dm thin: use bool rather than unsigned for flags in structures (bsc#1020795).\n- dm thin: use INIT_WORK_ONSTACK in noflush_work to avoid ODEBUG warning (bsc#1020795).\n- dm thin: use per thin device deferred bio lists (bsc#1020795).\n- dm: use RCU_INIT_POINTER instead of rcu_assign_pointer in __unbind (bsc#1020795).\n- drm/i915: relax uncritical udelay_range() (bsc#1038261).\n- ether: add loopback type ETH_P_LOOPBACK (bsc#1028595).\n- ext4: fix bh leak on error paths in ext4_rename() and ext4_cross_rename() (bsc#1012985).\n- ext4: fix fencepost in s_first_meta_bg validation (bsc#1029986).\n- ext4: mark inode dirty after converting inline directory (bsc#1012985).\n- ftrace: Make ftrace_location_range() global (FATE#322421).\n- HID: usbhid: improve handling of Clear-Halt and reset (bsc#1031080).\n- hv: util: catch allocation errors\n- hv: utils: use memdup_user in hvt_op_write\n- hwrng: virtio - ensure reads happen after successful probe (bsc#954763 bsc#1032344).\n- i40e: avoid null pointer dereference (bsc#922853).\n- i40e/i40evf: Break up xmit_descriptor_count from maybe_stop_tx (bsc#985561).\n- i40e/i40evf: Limit TSO to 7 descriptors for payload instead of 8 per packet (bsc#985561).\n- i40e/i40evf: Rewrite logic for 8 descriptor per packet check (bsc#985561).\n- i40e: Impose a lower limit on gso size (bsc#985561).\n- i40e: Limit TX descriptor count in cases where frag size is greater than 16K (bsc#985561).\n- iommu/vt-d: Flush old iommu caches for kdump when the device gets context mapped (bsc#1023824).\n- iommu/vt-d: Tylersburg isoch identity map check is done too late (bsc#1032125).\n- ipv6: make ECMP route replacement less greedy (bsc#930399).\n- kabi: hide changes in struct sk_buff (bsc#1009682).\n- KABI: Hide new include in arch/powerpc/kernel/process.c (fate#322421).\n- kABI: mask struct xfs_icdinode change (bsc#1024788).\n- kABI: protect struct inet6_dev (kabi).\n- kABI: protect struct iscsi_conn (bsc#103470).\n- kABI: protect struct xfs_buftarg and struct xfs_mount (bsc#1024508).\n- kABI: restore can_rx_register parameters (kabi).\n- kernel/watchdog: use nmi registers snapshot in hardlockup handler (bsc#940946, bsc#937444).\n- kgr: Mark eeh_event_handler() kthread safe using a timeout (bsc#1031662).\n- kgr/module: make a taint flag module-specific\n- kgr: remove unneeded kgr_needs_lazy_migration() s390x definition\n- l2tp: fix address test in __l2tp_ip6_bind_lookup() (bsc#1028415).\n- l2tp: fix lookup for sockets not bound to a device in l2tp_ip (bsc#1028415).\n- l2tp: fix racy socket lookup in l2tp_ip and l2tp_ip6 bind() (bsc#1028415).\n- l2tp: hold socket before dropping lock in l2tp_ip{, 6}_recv() (bsc#1028415).\n- l2tp: hold tunnel socket when handling control frames in l2tp_ip and l2tp_ip6 (bsc#1028415).\n- l2tp: lock socket before checking flags in connect() (bsc#1028415).\n- livepatch: Allow architectures to specify an alternate ftrace location (FATE#322421).\n- locking/semaphore: Add down_interruptible_timeout() (bsc#1031662).\n- md: avoid oops on unload if some process is in poll or select (bsc#1020795).\n- md: Convert use of typedef ctl_table to struct ctl_table (bsc#1020795).\n- md: ensure metadata is writen after raid level change (bsc#1020795).\n- md linear: fix a race between linear_add() and linear_congested() (bsc#1018446).\n- md: md_clear_badblocks should return an error code on failure (bsc#1020795).\n- md: refuse to change shape of array if it is active but read-only (bsc#1020795).\n- megaraid_sas: add missing curly braces in ioctl handler (bsc#1023207).\n- megaraid_sas: Fixup tgtid count in megasas_ld_list_query() (bsc#971933).\n- mm/huge_memory.c: respect FOLL_FORCE/FOLL_COW for thp (bnc#1030118).\n- mm, memcg: do not retry precharge charges (bnc#1022559).\n- mm/mempolicy.c: do not put mempolicy before using its nodemask (References: VM Performance, bnc#931620).\n- mm/page_alloc: fix nodes for reclaim in fast path (bnc#1031842).\n- module: move add_taint_module() to a header file\n- net: Add skb_gro_postpull_rcsum to udp and vxlan (bsc#1009682).\n- net: add skb_pop_rcv_encapsulation (bsc#1009682).\n- net: Call skb_checksum_init in IPv4 (bsc#1009682).\n- net: Call skb_checksum_init in IPv6 (bsc#1009682).\n- netfilter: allow logging fron non-init netns (bsc#970083).\n- net: Generalize checksum_init functions (bsc#1009682).\n- net: Preserve CHECKSUM_COMPLETE at validation (bsc#1009682).\n- NFS: do not try to cross a mountpount when there isn\u0027t one there (bsc#1028041).\n- NFS: Expedite unmount of NFS auto-mounts (bnc#1025802).\n- NFS: Fix a performance regression in readdir (bsc#857926).\n- NFS: flush out dirty data on file fput() (bsc#1021762).\n- ocfs2: do not write error flag to user structure we cannot copy from/to (bsc#1012985).\n- powerpc: Blacklist GCC 5.4 6.1 and 6.2 (boo#1028895).\n- powerpc: Create a helper for getting the kernel toc value (FATE#322421).\n- powerpc/fadump: Fix the race in crash_fadump() (bsc#1022971).\n- powerpc/fadump: Reserve memory at an offset closer to bottom of RAM (bsc#1032141).\n- powerpc/fadump: Update fadump documentation (bsc#1032141).\n- powerpc/ftrace: Add Kconfig \u0026 Make glue for mprofile-kernel (FATE#322421).\n- powerpc/ftrace: Add support for -mprofile-kernel ftrace ABI (FATE#322421).\n- powerpc/ftrace: Use $(CC_FLAGS_FTRACE) when disabling ftrace (FATE#322421).\n- powerpc/ftrace: Use generic ftrace_modify_all_code() (FATE#322421).\n- powerpc: introduce TIF_KGR_IN_PROGRESS thread flag (FATE#322421).\n- powerpc/kgraft: Add kgraft header (FATE#322421).\n- powerpc/kgraft: Add kgraft stack to struct thread_info (FATE#322421).\n- powerpc/kgraft: Add live patching support on ppc64le (FATE#322421).\n- powerpc/module: Create a special stub for ftrace_caller() (FATE#322421).\n- powerpc/module: Mark module stubs with a magic value (FATE#322421).\n- powerpc/module: Only try to generate the ftrace_caller() stub once (FATE#322421).\n- powerpc/modules: Never restore r2 for a mprofile-kernel style mcount() call (FATE#322421).\n- powerpc/prom: Increase minimum RMA size to 512MB (bsc#984530).\n- powerpc/pseries/cpuidle: Remove MAX_IDLE_STATE macro (bnc#1023164).\n- powerpc/pseries/cpuidle: Use cpuidle_register() for initialisation (bnc#1023164).\n- powerpc: Reject binutils 2.24 when building little endian (boo#1028895).\n- RAID1: avoid unnecessary spin locks in I/O barrier code (bsc#982783,bsc#1020048).\n- raid1: include bio_end_io_list in nr_queued to prevent freeze_array hang\n- remove mpath patches from dmcache backport, for bsc#1035738\n- revert \u0027procfs: mark thread stack correctly in proc/PID/maps\u0027 (bnc#1030901).\n- Revert \u0027RDMA/core: Fix incorrect structure packing for booleans\u0027 (kabi).\n- rtnetlink: allow to register ops without ops-\u003esetup set (bsc#1021374).\n- s390/zcrypt: Introduce CEX6 toleration (FATE#321783, LTC#147506, bsc#1019514).\n- sched/loadavg: Avoid loadavg spikes caused by delayed NO_HZ accounting (bsc#1018419).\n- scsi_error: count medium access timeout only once per EH run (bsc#993832, bsc#1032345).\n- scsi: libiscsi: add lock around task lists to fix list corruption regression (bsc#1034700).\n- scsi: storvsc: fix SRB_STATUS_ABORTED handling\n- sfc: reduce severity of PIO buffer alloc failures (bsc#1019168).\n- svcrpc: fix gss-proxy NULL dereference in some error cases (bsc#1024309).\n- taint/module: Clean up global and module taint flags handling\n- tcp: abort orphan sockets stalling on zero window probes (bsc#1021913).\n- thp: fix MADV_DONTNEED vs. numa balancing race (bnc#1027974).\n- thp: reduce indentation level in change_huge_pmd() (bnc#1027974).\n- treewide: fix \u0027distingush\u0027 typo (bsc#1020795).\n- tree-wide: use reinit_completion instead of INIT_COMPLETION (bsc#1020795).\n- usb: dwc3: gadget: Fix incorrect DEPCMD and DGCMD status macros (bsc#1035699).\n- usb: host: xhci: print correct command ring address (bnc#1035699).\n- USB: serial: kl5kusb105: fix line-state error handling (bsc#1021256).\n- vfs: Do not exchange \u0027short\u0027 filenames unconditionally (bsc#1012985).\n- vfs: split generic splice code from i_mutex locking (bsc#1024788).\n- vmxnet3: segCnt can be 1 for LRO packets (bsc#988065).\n- VSOCK: Detach QP check should filter out non matching QPs (bsc#1036752).\n- vxlan: cancel sock_work in vxlan_dellink() (bsc#1031567).\n- vxlan: Checksum fixes (bsc#1009682).\n- vxlan: GRO support at tunnel layer (bsc#1009682).\n- xen-blkfront: correct maximum segment accounting (bsc#1018263).\n- xen-blkfront: do not call talk_to_blkback when already connected to blkback.\n- xen-blkfront: free resources if xlvbd_alloc_gendisk fails.\n- xfs_dmapi: fix the debug compilation of xfs_dmapi (bsc#989056).\n- xfs: do not allow di_size with high bit set (bsc#1024234).\n- xfs: do not assert fail on non-async buffers on ioacct decrement (bsc#1024508).\n- xfs: exclude never-released buffers from buftarg I/O accounting (bsc#1024508).\n- xfs: fix broken multi-fsb buffer logging (bsc#1024081).\n- xfs: fix buffer overflow dm_get_dirattrs/dm_get_dirattrs2 (bsc#989056).\n- xfs: Fix lock ordering in splice write (bsc#1024788).\n- xfs: fix up xfs_swap_extent_forks inline extent handling (bsc#1023888).\n- xfs: Make xfs_icdinode-\u003edi_dmstate atomic_t (bsc#1024788).\n- xfs: pass total block res. as total xfs_bmapi_write() parameter (bsc#1029470).\n- xfs: replace global xfslogd wq with per-mount wq (bsc#1024508).\n- xfs: track and serialize in-flight async buffers against unmount (bsc#1024508).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-DESKTOP-12-SP1-2017-831,SUSE-SLE-Live-Patching-12-2017-831,SUSE-SLE-Module-Public-Cloud-12-2017-831,SUSE-SLE-SDK-12-SP1-2017-831,SUSE-SLE-SERVER-12-SP1-2017-831,SUSE-SLE-WE-12-SP1-2017-831",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_1360-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:1360-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20171360-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:1360-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-May/002903.html"
},
{
"category": "self",
"summary": "SUSE Bug 1003077",
"url": "https://bugzilla.suse.com/1003077"
},
{
"category": "self",
"summary": "SUSE Bug 1008842",
"url": "https://bugzilla.suse.com/1008842"
},
{
"category": "self",
"summary": "SUSE Bug 1009682",
"url": "https://bugzilla.suse.com/1009682"
},
{
"category": "self",
"summary": "SUSE Bug 1012620",
"url": "https://bugzilla.suse.com/1012620"
},
{
"category": "self",
"summary": "SUSE Bug 1012985",
"url": "https://bugzilla.suse.com/1012985"
},
{
"category": "self",
"summary": "SUSE Bug 1015703",
"url": "https://bugzilla.suse.com/1015703"
},
{
"category": "self",
"summary": "SUSE Bug 1015787",
"url": "https://bugzilla.suse.com/1015787"
},
{
"category": "self",
"summary": "SUSE Bug 1015821",
"url": "https://bugzilla.suse.com/1015821"
},
{
"category": "self",
"summary": "SUSE Bug 1017512",
"url": "https://bugzilla.suse.com/1017512"
},
{
"category": "self",
"summary": "SUSE Bug 1018100",
"url": "https://bugzilla.suse.com/1018100"
},
{
"category": "self",
"summary": "SUSE Bug 1018263",
"url": "https://bugzilla.suse.com/1018263"
},
{
"category": "self",
"summary": "SUSE Bug 1018419",
"url": "https://bugzilla.suse.com/1018419"
},
{
"category": "self",
"summary": "SUSE Bug 1018446",
"url": "https://bugzilla.suse.com/1018446"
},
{
"category": "self",
"summary": "SUSE Bug 1019168",
"url": "https://bugzilla.suse.com/1019168"
},
{
"category": "self",
"summary": "SUSE Bug 1019514",
"url": "https://bugzilla.suse.com/1019514"
},
{
"category": "self",
"summary": "SUSE Bug 1020048",
"url": "https://bugzilla.suse.com/1020048"
},
{
"category": "self",
"summary": "SUSE Bug 1020795",
"url": "https://bugzilla.suse.com/1020795"
},
{
"category": "self",
"summary": "SUSE Bug 1021256",
"url": "https://bugzilla.suse.com/1021256"
},
{
"category": "self",
"summary": "SUSE Bug 1021374",
"url": "https://bugzilla.suse.com/1021374"
},
{
"category": "self",
"summary": "SUSE Bug 1021762",
"url": "https://bugzilla.suse.com/1021762"
},
{
"category": "self",
"summary": "SUSE Bug 1021913",
"url": "https://bugzilla.suse.com/1021913"
},
{
"category": "self",
"summary": "SUSE Bug 1022559",
"url": "https://bugzilla.suse.com/1022559"
},
{
"category": "self",
"summary": "SUSE Bug 1022971",
"url": "https://bugzilla.suse.com/1022971"
},
{
"category": "self",
"summary": "SUSE Bug 1023164",
"url": "https://bugzilla.suse.com/1023164"
},
{
"category": "self",
"summary": "SUSE Bug 1023207",
"url": "https://bugzilla.suse.com/1023207"
},
{
"category": "self",
"summary": "SUSE Bug 1023377",
"url": "https://bugzilla.suse.com/1023377"
},
{
"category": "self",
"summary": "SUSE Bug 1023762",
"url": "https://bugzilla.suse.com/1023762"
},
{
"category": "self",
"summary": "SUSE Bug 1023824",
"url": "https://bugzilla.suse.com/1023824"
},
{
"category": "self",
"summary": "SUSE Bug 1023888",
"url": "https://bugzilla.suse.com/1023888"
},
{
"category": "self",
"summary": "SUSE Bug 1023992",
"url": "https://bugzilla.suse.com/1023992"
},
{
"category": "self",
"summary": "SUSE Bug 1024081",
"url": "https://bugzilla.suse.com/1024081"
},
{
"category": "self",
"summary": "SUSE Bug 1024234",
"url": "https://bugzilla.suse.com/1024234"
},
{
"category": "self",
"summary": "SUSE Bug 1024309",
"url": "https://bugzilla.suse.com/1024309"
},
{
"category": "self",
"summary": "SUSE Bug 1024508",
"url": "https://bugzilla.suse.com/1024508"
},
{
"category": "self",
"summary": "SUSE Bug 1024788",
"url": "https://bugzilla.suse.com/1024788"
},
{
"category": "self",
"summary": "SUSE Bug 1025039",
"url": "https://bugzilla.suse.com/1025039"
},
{
"category": "self",
"summary": "SUSE Bug 1025235",
"url": "https://bugzilla.suse.com/1025235"
},
{
"category": "self",
"summary": "SUSE Bug 1025354",
"url": "https://bugzilla.suse.com/1025354"
},
{
"category": "self",
"summary": "SUSE Bug 1025802",
"url": "https://bugzilla.suse.com/1025802"
},
{
"category": "self",
"summary": "SUSE Bug 1026024",
"url": "https://bugzilla.suse.com/1026024"
},
{
"category": "self",
"summary": "SUSE Bug 1026722",
"url": "https://bugzilla.suse.com/1026722"
},
{
"category": "self",
"summary": "SUSE Bug 1026914",
"url": "https://bugzilla.suse.com/1026914"
},
{
"category": "self",
"summary": "SUSE Bug 1027066",
"url": "https://bugzilla.suse.com/1027066"
},
{
"category": "self",
"summary": "SUSE Bug 1027178",
"url": "https://bugzilla.suse.com/1027178"
},
{
"category": "self",
"summary": "SUSE Bug 1027189",
"url": "https://bugzilla.suse.com/1027189"
},
{
"category": "self",
"summary": "SUSE Bug 1027190",
"url": "https://bugzilla.suse.com/1027190"
},
{
"category": "self",
"summary": "SUSE Bug 1027974",
"url": "https://bugzilla.suse.com/1027974"
},
{
"category": "self",
"summary": "SUSE Bug 1028041",
"url": "https://bugzilla.suse.com/1028041"
},
{
"category": "self",
"summary": "SUSE Bug 1028415",
"url": "https://bugzilla.suse.com/1028415"
},
{
"category": "self",
"summary": "SUSE Bug 1028595",
"url": "https://bugzilla.suse.com/1028595"
},
{
"category": "self",
"summary": "SUSE Bug 1028648",
"url": "https://bugzilla.suse.com/1028648"
},
{
"category": "self",
"summary": "SUSE Bug 1028895",
"url": "https://bugzilla.suse.com/1028895"
},
{
"category": "self",
"summary": "SUSE Bug 1029470",
"url": "https://bugzilla.suse.com/1029470"
},
{
"category": "self",
"summary": "SUSE Bug 1029850",
"url": "https://bugzilla.suse.com/1029850"
},
{
"category": "self",
"summary": "SUSE Bug 1029986",
"url": "https://bugzilla.suse.com/1029986"
},
{
"category": "self",
"summary": "SUSE Bug 1030118",
"url": "https://bugzilla.suse.com/1030118"
},
{
"category": "self",
"summary": "SUSE Bug 1030213",
"url": "https://bugzilla.suse.com/1030213"
},
{
"category": "self",
"summary": "SUSE Bug 1030593",
"url": "https://bugzilla.suse.com/1030593"
},
{
"category": "self",
"summary": "SUSE Bug 1030901",
"url": "https://bugzilla.suse.com/1030901"
},
{
"category": "self",
"summary": "SUSE Bug 1031003",
"url": "https://bugzilla.suse.com/1031003"
},
{
"category": "self",
"summary": "SUSE Bug 1031052",
"url": "https://bugzilla.suse.com/1031052"
},
{
"category": "self",
"summary": "SUSE Bug 1031080",
"url": "https://bugzilla.suse.com/1031080"
},
{
"category": "self",
"summary": "SUSE Bug 1031440",
"url": "https://bugzilla.suse.com/1031440"
},
{
"category": "self",
"summary": "SUSE Bug 1031567",
"url": "https://bugzilla.suse.com/1031567"
},
{
"category": "self",
"summary": "SUSE Bug 1031579",
"url": "https://bugzilla.suse.com/1031579"
},
{
"category": "self",
"summary": "SUSE Bug 1031662",
"url": "https://bugzilla.suse.com/1031662"
},
{
"category": "self",
"summary": "SUSE Bug 1031842",
"url": "https://bugzilla.suse.com/1031842"
},
{
"category": "self",
"summary": "SUSE Bug 1032125",
"url": "https://bugzilla.suse.com/1032125"
},
{
"category": "self",
"summary": "SUSE Bug 1032141",
"url": "https://bugzilla.suse.com/1032141"
},
{
"category": "self",
"summary": "SUSE Bug 1032344",
"url": "https://bugzilla.suse.com/1032344"
},
{
"category": "self",
"summary": "SUSE Bug 1032345",
"url": "https://bugzilla.suse.com/1032345"
},
{
"category": "self",
"summary": "SUSE Bug 1033336",
"url": "https://bugzilla.suse.com/1033336"
},
{
"category": "self",
"summary": "SUSE Bug 1034670",
"url": "https://bugzilla.suse.com/1034670"
},
{
"category": "self",
"summary": "SUSE Bug 103470",
"url": "https://bugzilla.suse.com/103470"
},
{
"category": "self",
"summary": "SUSE Bug 1034700",
"url": "https://bugzilla.suse.com/1034700"
},
{
"category": "self",
"summary": "SUSE Bug 1035576",
"url": "https://bugzilla.suse.com/1035576"
},
{
"category": "self",
"summary": "SUSE Bug 1035699",
"url": "https://bugzilla.suse.com/1035699"
},
{
"category": "self",
"summary": "SUSE Bug 1035738",
"url": "https://bugzilla.suse.com/1035738"
},
{
"category": "self",
"summary": "SUSE Bug 1035877",
"url": "https://bugzilla.suse.com/1035877"
},
{
"category": "self",
"summary": "SUSE Bug 1036752",
"url": "https://bugzilla.suse.com/1036752"
},
{
"category": "self",
"summary": "SUSE Bug 1038261",
"url": "https://bugzilla.suse.com/1038261"
},
{
"category": "self",
"summary": "SUSE Bug 799133",
"url": "https://bugzilla.suse.com/799133"
},
{
"category": "self",
"summary": "SUSE Bug 857926",
"url": "https://bugzilla.suse.com/857926"
},
{
"category": "self",
"summary": "SUSE Bug 914939",
"url": "https://bugzilla.suse.com/914939"
},
{
"category": "self",
"summary": "SUSE Bug 917630",
"url": "https://bugzilla.suse.com/917630"
},
{
"category": "self",
"summary": "SUSE Bug 922853",
"url": "https://bugzilla.suse.com/922853"
},
{
"category": "self",
"summary": "SUSE Bug 930399",
"url": "https://bugzilla.suse.com/930399"
},
{
"category": "self",
"summary": "SUSE Bug 931620",
"url": "https://bugzilla.suse.com/931620"
},
{
"category": "self",
"summary": "SUSE Bug 937444",
"url": "https://bugzilla.suse.com/937444"
},
{
"category": "self",
"summary": "SUSE Bug 940946",
"url": "https://bugzilla.suse.com/940946"
},
{
"category": "self",
"summary": "SUSE Bug 954763",
"url": "https://bugzilla.suse.com/954763"
},
{
"category": "self",
"summary": "SUSE Bug 968697",
"url": "https://bugzilla.suse.com/968697"
},
{
"category": "self",
"summary": "SUSE Bug 970083",
"url": "https://bugzilla.suse.com/970083"
},
{
"category": "self",
"summary": "SUSE Bug 971933",
"url": "https://bugzilla.suse.com/971933"
},
{
"category": "self",
"summary": "SUSE Bug 979215",
"url": "https://bugzilla.suse.com/979215"
},
{
"category": "self",
"summary": "SUSE Bug 982783",
"url": "https://bugzilla.suse.com/982783"
},
{
"category": "self",
"summary": "SUSE Bug 983212",
"url": "https://bugzilla.suse.com/983212"
},
{
"category": "self",
"summary": "SUSE Bug 984530",
"url": "https://bugzilla.suse.com/984530"
},
{
"category": "self",
"summary": "SUSE Bug 985561",
"url": "https://bugzilla.suse.com/985561"
},
{
"category": "self",
"summary": "SUSE Bug 988065",
"url": "https://bugzilla.suse.com/988065"
},
{
"category": "self",
"summary": "SUSE Bug 989056",
"url": "https://bugzilla.suse.com/989056"
},
{
"category": "self",
"summary": "SUSE Bug 993832",
"url": "https://bugzilla.suse.com/993832"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-1350 page",
"url": "https://www.suse.com/security/cve/CVE-2015-1350/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10044 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10200 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10200/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10208 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-2117 page",
"url": "https://www.suse.com/security/cve/CVE-2016-2117/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-3070 page",
"url": "https://www.suse.com/security/cve/CVE-2016-3070/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-5243 page",
"url": "https://www.suse.com/security/cve/CVE-2016-5243/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-7117 page",
"url": "https://www.suse.com/security/cve/CVE-2016-7117/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9191 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9191/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9588 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9588/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9604 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9604/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-2647 page",
"url": "https://www.suse.com/security/cve/CVE-2017-2647/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-2671 page",
"url": "https://www.suse.com/security/cve/CVE-2017-2671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5669 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5669/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5897 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5897/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-5986 page",
"url": "https://www.suse.com/security/cve/CVE-2017-5986/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-6074 page",
"url": "https://www.suse.com/security/cve/CVE-2017-6074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-6214 page",
"url": "https://www.suse.com/security/cve/CVE-2017-6214/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-6345 page",
"url": "https://www.suse.com/security/cve/CVE-2017-6345/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-6346 page",
"url": "https://www.suse.com/security/cve/CVE-2017-6346/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-6348 page",
"url": "https://www.suse.com/security/cve/CVE-2017-6348/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-6353 page",
"url": "https://www.suse.com/security/cve/CVE-2017-6353/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-6951 page",
"url": "https://www.suse.com/security/cve/CVE-2017-6951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7187 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7261 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7261/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7294 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7294/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7308 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7308/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7616 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7616/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7645 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7645/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-8106 page",
"url": "https://www.suse.com/security/cve/CVE-2017-8106/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2017-05-19T12:12:38Z",
"generator": {
"date": "2017-05-19T12:12:38Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:1360-1",
"initial_release_date": "2017-05-19T12:12:38Z",
"revision_history": [
{
"date": "2017-05-19T12:12:38Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-3.12.74-60.64.40.1.noarch",
"product": {
"name": "kernel-devel-3.12.74-60.64.40.1.noarch",
"product_id": "kernel-devel-3.12.74-60.64.40.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-3.12.74-60.64.40.1.noarch",
"product": {
"name": "kernel-macros-3.12.74-60.64.40.1.noarch",
"product_id": "kernel-macros-3.12.74-60.64.40.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-3.12.74-60.64.40.1.noarch",
"product": {
"name": "kernel-source-3.12.74-60.64.40.1.noarch",
"product_id": "kernel-source-3.12.74-60.64.40.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-3.12.74-60.64.40.4.noarch",
"product": {
"name": "kernel-docs-3.12.74-60.64.40.4.noarch",
"product_id": "kernel-docs-3.12.74-60.64.40.4.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"product": {
"name": "kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"product_id": "kernel-obs-build-3.12.74-60.64.40.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-3.12.74-60.64.40.1.ppc64le",
"product": {
"name": "kernel-default-3.12.74-60.64.40.1.ppc64le",
"product_id": "kernel-default-3.12.74-60.64.40.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"product": {
"name": "kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"product_id": "kernel-default-base-3.12.74-60.64.40.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"product": {
"name": "kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"product_id": "kernel-default-devel-3.12.74-60.64.40.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.74-60.64.40.1.ppc64le",
"product": {
"name": "kernel-syms-3.12.74-60.64.40.1.ppc64le",
"product_id": "kernel-syms-3.12.74-60.64.40.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-obs-build-3.12.74-60.64.40.1.s390x",
"product": {
"name": "kernel-obs-build-3.12.74-60.64.40.1.s390x",
"product_id": "kernel-obs-build-3.12.74-60.64.40.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-3.12.74-60.64.40.1.s390x",
"product": {
"name": "kernel-default-3.12.74-60.64.40.1.s390x",
"product_id": "kernel-default-3.12.74-60.64.40.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.74-60.64.40.1.s390x",
"product": {
"name": "kernel-default-base-3.12.74-60.64.40.1.s390x",
"product_id": "kernel-default-base-3.12.74-60.64.40.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.74-60.64.40.1.s390x",
"product": {
"name": "kernel-default-devel-3.12.74-60.64.40.1.s390x",
"product_id": "kernel-default-devel-3.12.74-60.64.40.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-3.12.74-60.64.40.1.s390x",
"product": {
"name": "kernel-default-man-3.12.74-60.64.40.1.s390x",
"product_id": "kernel-default-man-3.12.74-60.64.40.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.74-60.64.40.1.s390x",
"product": {
"name": "kernel-syms-3.12.74-60.64.40.1.s390x",
"product_id": "kernel-syms-3.12.74-60.64.40.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.12.74-60.64.40.1.x86_64",
"product": {
"name": "kernel-default-3.12.74-60.64.40.1.x86_64",
"product_id": "kernel-default-3.12.74-60.64.40.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"product": {
"name": "kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"product_id": "kernel-default-devel-3.12.74-60.64.40.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"product": {
"name": "kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"product_id": "kernel-default-extra-3.12.74-60.64.40.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.74-60.64.40.1.x86_64",
"product": {
"name": "kernel-syms-3.12.74-60.64.40.1.x86_64",
"product_id": "kernel-syms-3.12.74-60.64.40.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.12.74-60.64.40.1.x86_64",
"product": {
"name": "kernel-xen-3.12.74-60.64.40.1.x86_64",
"product_id": "kernel-xen-3.12.74-60.64.40.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"product": {
"name": "kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"product_id": "kernel-xen-devel-3.12.74-60.64.40.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"product_id": "kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"product_id": "kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-3.12.74-60.64.40.1.x86_64",
"product": {
"name": "kernel-ec2-3.12.74-60.64.40.1.x86_64",
"product_id": "kernel-ec2-3.12.74-60.64.40.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"product": {
"name": "kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"product_id": "kernel-ec2-devel-3.12.74-60.64.40.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"product": {
"name": "kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"product_id": "kernel-ec2-extra-3.12.74-60.64.40.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"product": {
"name": "kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"product_id": "kernel-obs-build-3.12.74-60.64.40.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.74-60.64.40.1.x86_64",
"product": {
"name": "kernel-default-base-3.12.74-60.64.40.1.x86_64",
"product_id": "kernel-default-base-3.12.74-60.64.40.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"product": {
"name": "kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"product_id": "kernel-xen-base-3.12.74-60.64.40.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP1",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 12 SP1",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:12:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.74-60.64.40.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64"
},
"product_reference": "kernel-default-3.12.74-60.64.40.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.74-60.64.40.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64"
},
"product_reference": "kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-3.12.74-60.64.40.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
},
"product_reference": "kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-3.12.74-60.64.40.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch"
},
"product_reference": "kernel-devel-3.12.74-60.64.40.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-3.12.74-60.64.40.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch"
},
"product_reference": "kernel-macros-3.12.74-60.64.40.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.12.74-60.64.40.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch"
},
"product_reference": "kernel-source-3.12.74-60.64.40.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.74-60.64.40.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64"
},
"product_reference": "kernel-syms-3.12.74-60.64.40.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.12.74-60.64.40.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64"
},
"product_reference": "kernel-xen-3.12.74-60.64.40.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.12.74-60.64.40.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP1",
"product_id": "SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-3.12.74-60.64.40.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64"
},
"product_reference": "kernel-ec2-3.12.74-60.64.40.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-devel-3.12.74-60.64.40.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64"
},
"product_reference": "kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-extra-3.12.74-60.64.40.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64"
},
"product_reference": "kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-3.12.74-60.64.40.4.noarch as component of SUSE Linux Enterprise Software Development Kit 12 SP1",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch"
},
"product_reference": "kernel-docs-3.12.74-60.64.40.4.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-3.12.74-60.64.40.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP1",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le"
},
"product_reference": "kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-3.12.74-60.64.40.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP1",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x"
},
"product_reference": "kernel-obs-build-3.12.74-60.64.40.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-3.12.74-60.64.40.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP1",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64"
},
"product_reference": "kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.74-60.64.40.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le"
},
"product_reference": "kernel-default-3.12.74-60.64.40.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.74-60.64.40.1.s390x as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x"
},
"product_reference": "kernel-default-3.12.74-60.64.40.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.74-60.64.40.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64"
},
"product_reference": "kernel-default-3.12.74-60.64.40.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.74-60.64.40.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le"
},
"product_reference": "kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.74-60.64.40.1.s390x as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x"
},
"product_reference": "kernel-default-base-3.12.74-60.64.40.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.74-60.64.40.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64"
},
"product_reference": "kernel-default-base-3.12.74-60.64.40.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.74-60.64.40.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le"
},
"product_reference": "kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.74-60.64.40.1.s390x as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x"
},
"product_reference": "kernel-default-devel-3.12.74-60.64.40.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.74-60.64.40.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64"
},
"product_reference": "kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-3.12.74-60.64.40.1.s390x as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x"
},
"product_reference": "kernel-default-man-3.12.74-60.64.40.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-3.12.74-60.64.40.1.noarch as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch"
},
"product_reference": "kernel-devel-3.12.74-60.64.40.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-3.12.74-60.64.40.1.noarch as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch"
},
"product_reference": "kernel-macros-3.12.74-60.64.40.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.12.74-60.64.40.1.noarch as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch"
},
"product_reference": "kernel-source-3.12.74-60.64.40.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.74-60.64.40.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le"
},
"product_reference": "kernel-syms-3.12.74-60.64.40.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.74-60.64.40.1.s390x as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x"
},
"product_reference": "kernel-syms-3.12.74-60.64.40.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.74-60.64.40.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64"
},
"product_reference": "kernel-syms-3.12.74-60.64.40.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.12.74-60.64.40.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64"
},
"product_reference": "kernel-xen-3.12.74-60.64.40.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.12.74-60.64.40.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64"
},
"product_reference": "kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.12.74-60.64.40.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1",
"product_id": "SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.74-60.64.40.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le"
},
"product_reference": "kernel-default-3.12.74-60.64.40.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.74-60.64.40.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x"
},
"product_reference": "kernel-default-3.12.74-60.64.40.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.74-60.64.40.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64"
},
"product_reference": "kernel-default-3.12.74-60.64.40.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.74-60.64.40.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le"
},
"product_reference": "kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.74-60.64.40.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x"
},
"product_reference": "kernel-default-base-3.12.74-60.64.40.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.74-60.64.40.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64"
},
"product_reference": "kernel-default-base-3.12.74-60.64.40.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.74-60.64.40.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le"
},
"product_reference": "kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.74-60.64.40.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x"
},
"product_reference": "kernel-default-devel-3.12.74-60.64.40.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.74-60.64.40.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64"
},
"product_reference": "kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-3.12.74-60.64.40.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x"
},
"product_reference": "kernel-default-man-3.12.74-60.64.40.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-3.12.74-60.64.40.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch"
},
"product_reference": "kernel-devel-3.12.74-60.64.40.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-3.12.74-60.64.40.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch"
},
"product_reference": "kernel-macros-3.12.74-60.64.40.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.12.74-60.64.40.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch"
},
"product_reference": "kernel-source-3.12.74-60.64.40.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.74-60.64.40.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le"
},
"product_reference": "kernel-syms-3.12.74-60.64.40.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.74-60.64.40.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x"
},
"product_reference": "kernel-syms-3.12.74-60.64.40.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.74-60.64.40.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64"
},
"product_reference": "kernel-syms-3.12.74-60.64.40.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.12.74-60.64.40.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64"
},
"product_reference": "kernel-xen-3.12.74-60.64.40.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.12.74-60.64.40.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64"
},
"product_reference": "kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.12.74-60.64.40.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-3.12.74-60.64.40.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 12 SP1",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
},
"product_reference": "kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 12 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-1350",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-1350"
}
],
"notes": [
{
"category": "general",
"text": "The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to cause a denial of service (capability stripping) via a failed invocation of a system call, as demonstrated by using chown to remove a capability from the ping or Wireshark dumpcap program.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-1350",
"url": "https://www.suse.com/security/cve/CVE-2015-1350"
},
{
"category": "external",
"summary": "SUSE Bug 1052256 for CVE-2015-1350",
"url": "https://bugzilla.suse.com/1052256"
},
{
"category": "external",
"summary": "SUSE Bug 914939 for CVE-2015-1350",
"url": "https://bugzilla.suse.com/914939"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "moderate"
}
],
"title": "CVE-2015-1350"
},
{
"cve": "CVE-2016-10044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10044"
}
],
"notes": [
{
"category": "general",
"text": "The aio_mount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intended SELinux W^X policy restrictions, and consequently gain privileges, via an io_setup system call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10044",
"url": "https://www.suse.com/security/cve/CVE-2016-10044"
},
{
"category": "external",
"summary": "SUSE Bug 1023992 for CVE-2016-10044",
"url": "https://bugzilla.suse.com/1023992"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "important"
}
],
"title": "CVE-2016-10044"
},
{
"cve": "CVE-2016-10200",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10200"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/l2tp/l2tp_ip.c and net/l2tp/l2tp_ip6.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10200",
"url": "https://www.suse.com/security/cve/CVE-2016-10200"
},
{
"category": "external",
"summary": "SUSE Bug 1027179 for CVE-2016-10200",
"url": "https://bugzilla.suse.com/1027179"
},
{
"category": "external",
"summary": "SUSE Bug 1028415 for CVE-2016-10200",
"url": "https://bugzilla.suse.com/1028415"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "low"
}
],
"title": "CVE-2016-10200"
},
{
"cve": "CVE-2016-10208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10208"
}
],
"notes": [
{
"category": "general",
"text": "The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.9.8 does not properly validate meta block groups, which allows physically proximate attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10208",
"url": "https://www.suse.com/security/cve/CVE-2016-10208"
},
{
"category": "external",
"summary": "SUSE Bug 1023377 for CVE-2016-10208",
"url": "https://bugzilla.suse.com/1023377"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2016-10208",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "moderate"
}
],
"title": "CVE-2016-10208"
},
{
"cve": "CVE-2016-2117",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-2117"
}
],
"notes": [
{
"category": "general",
"text": "The atl2_probe function in drivers/net/ethernet/atheros/atlx/atl2.c in the Linux kernel through 4.5.2 incorrectly enables scatter/gather I/O, which allows remote attackers to obtain sensitive information from kernel memory by reading packet data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-2117",
"url": "https://www.suse.com/security/cve/CVE-2016-2117"
},
{
"category": "external",
"summary": "SUSE Bug 1027179 for CVE-2016-2117",
"url": "https://bugzilla.suse.com/1027179"
},
{
"category": "external",
"summary": "SUSE Bug 968697 for CVE-2016-2117",
"url": "https://bugzilla.suse.com/968697"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "important"
}
],
"title": "CVE-2016-2117"
},
{
"cve": "CVE-2016-3070",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-3070"
}
],
"notes": [
{
"category": "general",
"text": "The trace_writeback_dirty_page implementation in include/trace/events/writeback.h in the Linux kernel before 4.4 improperly interacts with mm/migrate.c, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by triggering a certain page move.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-3070",
"url": "https://www.suse.com/security/cve/CVE-2016-3070"
},
{
"category": "external",
"summary": "SUSE Bug 979215 for CVE-2016-3070",
"url": "https://bugzilla.suse.com/979215"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "low"
}
],
"title": "CVE-2016-3070"
},
{
"cve": "CVE-2016-5243",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-5243"
}
],
"notes": [
{
"category": "general",
"text": "The tipc_nl_compat_link_dump function in net/tipc/netlink_compat.c in the Linux kernel through 4.6.3 does not properly copy a certain string, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-5243",
"url": "https://www.suse.com/security/cve/CVE-2016-5243"
},
{
"category": "external",
"summary": "SUSE Bug 983212 for CVE-2016-5243",
"url": "https://bugzilla.suse.com/983212"
},
{
"category": "external",
"summary": "SUSE Bug 986225 for CVE-2016-5243",
"url": "https://bugzilla.suse.com/986225"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "low"
}
],
"title": "CVE-2016-5243"
},
{
"cve": "CVE-2016-7117",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-7117"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-7117",
"url": "https://www.suse.com/security/cve/CVE-2016-7117"
},
{
"category": "external",
"summary": "SUSE Bug 1003077 for CVE-2016-7117",
"url": "https://bugzilla.suse.com/1003077"
},
{
"category": "external",
"summary": "SUSE Bug 1003253 for CVE-2016-7117",
"url": "https://bugzilla.suse.com/1003253"
},
{
"category": "external",
"summary": "SUSE Bug 1057478 for CVE-2016-7117",
"url": "https://bugzilla.suse.com/1057478"
},
{
"category": "external",
"summary": "SUSE Bug 1071943 for CVE-2016-7117",
"url": "https://bugzilla.suse.com/1071943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "moderate"
}
],
"title": "CVE-2016-7117"
},
{
"cve": "CVE-2016-9191",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9191"
}
],
"notes": [
{
"category": "general",
"text": "The cgroup offline implementation in the Linux kernel through 4.8.11 mishandles certain drain operations, which allows local users to cause a denial of service (system hang) by leveraging access to a container environment for executing a crafted application, as demonstrated by trinity.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9191",
"url": "https://www.suse.com/security/cve/CVE-2016-9191"
},
{
"category": "external",
"summary": "SUSE Bug 1008842 for CVE-2016-9191",
"url": "https://bugzilla.suse.com/1008842"
},
{
"category": "external",
"summary": "SUSE Bug 1027179 for CVE-2016-9191",
"url": "https://bugzilla.suse.com/1027179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "moderate"
}
],
"title": "CVE-2016-9191"
},
{
"cve": "CVE-2016-9588",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9588"
}
],
"notes": [
{
"category": "general",
"text": "arch/x86/kvm/vmx.c in the Linux kernel through 4.9 mismanages the #BP and #OF exceptions, which allows guest OS users to cause a denial of service (guest OS crash) by declining to handle an exception thrown by an L2 guest.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9588",
"url": "https://www.suse.com/security/cve/CVE-2016-9588"
},
{
"category": "external",
"summary": "SUSE Bug 1015703 for CVE-2016-9588",
"url": "https://bugzilla.suse.com/1015703"
},
{
"category": "external",
"summary": "SUSE Bug 1017512 for CVE-2016-9588",
"url": "https://bugzilla.suse.com/1017512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "low"
}
],
"title": "CVE-2016-9588"
},
{
"cve": "CVE-2016-9604",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9604"
}
],
"notes": [
{
"category": "general",
"text": "It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as \u0027.dns_resolver\u0027 in RHEL-7 or \u0027.builtin_trusted_keys\u0027 upstream, by joining it as its session keyring. This allows root to bypass module signature verification by adding a new public key of its own devising to the keyring.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9604",
"url": "https://www.suse.com/security/cve/CVE-2016-9604"
},
{
"category": "external",
"summary": "SUSE Bug 1035576 for CVE-2016-9604",
"url": "https://bugzilla.suse.com/1035576"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "moderate"
}
],
"title": "CVE-2016-9604"
},
{
"cve": "CVE-2017-2647",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-2647"
}
],
"notes": [
{
"category": "general",
"text": "The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-2647",
"url": "https://www.suse.com/security/cve/CVE-2017-2647"
},
{
"category": "external",
"summary": "SUSE Bug 1030593 for CVE-2017-2647",
"url": "https://bugzilla.suse.com/1030593"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-2647",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "important"
}
],
"title": "CVE-2017-2647"
},
{
"cve": "CVE-2017-2671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-2671"
}
],
"notes": [
{
"category": "general",
"text": "The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a denial of service (panic) by leveraging access to the protocol value of IPPROTO_ICMP in a socket system call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-2671",
"url": "https://www.suse.com/security/cve/CVE-2017-2671"
},
{
"category": "external",
"summary": "SUSE Bug 1027179 for CVE-2017-2671",
"url": "https://bugzilla.suse.com/1027179"
},
{
"category": "external",
"summary": "SUSE Bug 1031003 for CVE-2017-2671",
"url": "https://bugzilla.suse.com/1031003"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-2671",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "important"
}
],
"title": "CVE-2017-2671"
},
{
"cve": "CVE-2017-5669",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5669"
}
],
"notes": [
{
"category": "general",
"text": "The do_shmat function in ipc/shm.c in the Linux kernel through 4.9.12 does not restrict the address calculated by a certain rounding operation, which allows local users to map page zero, and consequently bypass a protection mechanism that exists for the mmap system call, by making crafted shmget and shmat system calls in a privileged context.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5669",
"url": "https://www.suse.com/security/cve/CVE-2017-5669"
},
{
"category": "external",
"summary": "SUSE Bug 1026914 for CVE-2017-5669",
"url": "https://bugzilla.suse.com/1026914"
},
{
"category": "external",
"summary": "SUSE Bug 1102390 for CVE-2017-5669",
"url": "https://bugzilla.suse.com/1102390"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-5669",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "moderate"
}
],
"title": "CVE-2017-5669"
},
{
"cve": "CVE-2017-5897",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5897"
}
],
"notes": [
{
"category": "general",
"text": "The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5897",
"url": "https://www.suse.com/security/cve/CVE-2017-5897"
},
{
"category": "external",
"summary": "SUSE Bug 1023762 for CVE-2017-5897",
"url": "https://bugzilla.suse.com/1023762"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-5897",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "low"
}
],
"title": "CVE-2017-5897"
},
{
"cve": "CVE-2017-5986",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-5986"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the sctp_wait_for_sndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service (assertion failure and panic) via a multithreaded application that peels off an association in a certain buffer-full state.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-5986",
"url": "https://www.suse.com/security/cve/CVE-2017-5986"
},
{
"category": "external",
"summary": "SUSE Bug 1025235 for CVE-2017-5986",
"url": "https://bugzilla.suse.com/1025235"
},
{
"category": "external",
"summary": "SUSE Bug 1027066 for CVE-2017-5986",
"url": "https://bugzilla.suse.com/1027066"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "moderate"
}
],
"title": "CVE-2017-5986"
},
{
"cve": "CVE-2017-6074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-6074"
}
],
"notes": [
{
"category": "general",
"text": "The dccp_rcv_state_process function in net/dccp/input.c in the Linux kernel through 4.9.11 mishandles DCCP_PKT_REQUEST packet data structures in the LISTEN state, which allows local users to obtain root privileges or cause a denial of service (double free) via an application that makes an IPV6_RECVPKTINFO setsockopt system call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-6074",
"url": "https://www.suse.com/security/cve/CVE-2017-6074"
},
{
"category": "external",
"summary": "SUSE Bug 1026024 for CVE-2017-6074",
"url": "https://bugzilla.suse.com/1026024"
},
{
"category": "external",
"summary": "SUSE Bug 1072204 for CVE-2017-6074",
"url": "https://bugzilla.suse.com/1072204"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "important"
}
],
"title": "CVE-2017-6074"
},
{
"cve": "CVE-2017-6214",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-6214"
}
],
"notes": [
{
"category": "general",
"text": "The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-6214",
"url": "https://www.suse.com/security/cve/CVE-2017-6214"
},
{
"category": "external",
"summary": "SUSE Bug 1026722 for CVE-2017-6214",
"url": "https://bugzilla.suse.com/1026722"
},
{
"category": "external",
"summary": "SUSE Bug 1027179 for CVE-2017-6214",
"url": "https://bugzilla.suse.com/1027179"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-6214",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "moderate"
}
],
"title": "CVE-2017-6214"
},
{
"cve": "CVE-2017-6345",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-6345"
}
],
"notes": [
{
"category": "general",
"text": "The LLC subsystem in the Linux kernel before 4.9.13 does not ensure that a certain destructor exists in required circumstances, which allows local users to cause a denial of service (BUG_ON) or possibly have unspecified other impact via crafted system calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-6345",
"url": "https://www.suse.com/security/cve/CVE-2017-6345"
},
{
"category": "external",
"summary": "SUSE Bug 1027179 for CVE-2017-6345",
"url": "https://bugzilla.suse.com/1027179"
},
{
"category": "external",
"summary": "SUSE Bug 1027190 for CVE-2017-6345",
"url": "https://bugzilla.suse.com/1027190"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-6345",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "moderate"
}
],
"title": "CVE-2017-6345"
},
{
"cve": "CVE-2017-6346",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-6346"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in net/packet/af_packet.c in the Linux kernel before 4.9.13 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a multithreaded application that makes PACKET_FANOUT setsockopt system calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-6346",
"url": "https://www.suse.com/security/cve/CVE-2017-6346"
},
{
"category": "external",
"summary": "SUSE Bug 1027179 for CVE-2017-6346",
"url": "https://bugzilla.suse.com/1027179"
},
{
"category": "external",
"summary": "SUSE Bug 1027189 for CVE-2017-6346",
"url": "https://bugzilla.suse.com/1027189"
},
{
"category": "external",
"summary": "SUSE Bug 1064388 for CVE-2017-6346",
"url": "https://bugzilla.suse.com/1064388"
},
{
"category": "external",
"summary": "SUSE Bug 1064392 for CVE-2017-6346",
"url": "https://bugzilla.suse.com/1064392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "low"
}
],
"title": "CVE-2017-6346"
},
{
"cve": "CVE-2017-6348",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-6348"
}
],
"notes": [
{
"category": "general",
"text": "The hashbin_delete function in net/irda/irqueue.c in the Linux kernel before 4.9.13 improperly manages lock dropping, which allows local users to cause a denial of service (deadlock) via crafted operations on IrDA devices.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-6348",
"url": "https://www.suse.com/security/cve/CVE-2017-6348"
},
{
"category": "external",
"summary": "SUSE Bug 1027178 for CVE-2017-6348",
"url": "https://bugzilla.suse.com/1027178"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-6348",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "moderate"
}
],
"title": "CVE-2017-6348"
},
{
"cve": "CVE-2017-6353",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-6353"
}
],
"notes": [
{
"category": "general",
"text": "net/sctp/socket.c in the Linux kernel through 4.10.1 does not properly restrict association peel-off operations during certain wait states, which allows local users to cause a denial of service (invalid unlock and double free) via a multithreaded application. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-5986.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-6353",
"url": "https://www.suse.com/security/cve/CVE-2017-6353"
},
{
"category": "external",
"summary": "SUSE Bug 1025235 for CVE-2017-6353",
"url": "https://bugzilla.suse.com/1025235"
},
{
"category": "external",
"summary": "SUSE Bug 1027066 for CVE-2017-6353",
"url": "https://bugzilla.suse.com/1027066"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "moderate"
}
],
"title": "CVE-2017-6353"
},
{
"cve": "CVE-2017-6951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-6951"
}
],
"notes": [
{
"category": "general",
"text": "The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the \"dead\" type.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-6951",
"url": "https://www.suse.com/security/cve/CVE-2017-6951"
},
{
"category": "external",
"summary": "SUSE Bug 1029850 for CVE-2017-6951",
"url": "https://bugzilla.suse.com/1029850"
},
{
"category": "external",
"summary": "SUSE Bug 1030593 for CVE-2017-6951",
"url": "https://bugzilla.suse.com/1030593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "moderate"
}
],
"title": "CVE-2017-6951"
},
{
"cve": "CVE-2017-7187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7187"
}
],
"notes": [
{
"category": "general",
"text": "The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel through 4.10.4 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact via a large command size in an SG_NEXT_CMD_LEN ioctl call, leading to out-of-bounds write access in the sg_write function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7187",
"url": "https://www.suse.com/security/cve/CVE-2017-7187"
},
{
"category": "external",
"summary": "SUSE Bug 1027179 for CVE-2017-7187",
"url": "https://bugzilla.suse.com/1027179"
},
{
"category": "external",
"summary": "SUSE Bug 1030213 for CVE-2017-7187",
"url": "https://bugzilla.suse.com/1030213"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-7187",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "moderate"
}
],
"title": "CVE-2017-7187"
},
{
"cve": "CVE-2017-7261",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7261"
}
],
"notes": [
{
"category": "general",
"text": "The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.5 does not check for a zero value of certain levels data, which allows local users to cause a denial of service (ZERO_SIZE_PTR dereference, and GPF and possibly panic) via a crafted ioctl call for a /dev/dri/renderD* device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7261",
"url": "https://www.suse.com/security/cve/CVE-2017-7261"
},
{
"category": "external",
"summary": "SUSE Bug 1027179 for CVE-2017-7261",
"url": "https://bugzilla.suse.com/1027179"
},
{
"category": "external",
"summary": "SUSE Bug 1031052 for CVE-2017-7261",
"url": "https://bugzilla.suse.com/1031052"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "moderate"
}
],
"title": "CVE-2017-7261"
},
{
"cve": "CVE-2017-7294",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7294"
}
],
"notes": [
{
"category": "general",
"text": "The vmw_surface_define_ioctl function in drivers/gpu/drm/vmwgfx/vmwgfx_surface.c in the Linux kernel through 4.10.6 does not validate addition of certain levels data, which allows local users to trigger an integer overflow and out-of-bounds write, and cause a denial of service (system hang or crash) or possibly gain privileges, via a crafted ioctl call for a /dev/dri/renderD* device.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7294",
"url": "https://www.suse.com/security/cve/CVE-2017-7294"
},
{
"category": "external",
"summary": "SUSE Bug 1027179 for CVE-2017-7294",
"url": "https://bugzilla.suse.com/1027179"
},
{
"category": "external",
"summary": "SUSE Bug 1031440 for CVE-2017-7294",
"url": "https://bugzilla.suse.com/1031440"
},
{
"category": "external",
"summary": "SUSE Bug 1031481 for CVE-2017-7294",
"url": "https://bugzilla.suse.com/1031481"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-7294",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "moderate"
}
],
"title": "CVE-2017-7294"
},
{
"cve": "CVE-2017-7308",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7308"
}
],
"notes": [
{
"category": "general",
"text": "The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7308",
"url": "https://www.suse.com/security/cve/CVE-2017-7308"
},
{
"category": "external",
"summary": "SUSE Bug 1027179 for CVE-2017-7308",
"url": "https://bugzilla.suse.com/1027179"
},
{
"category": "external",
"summary": "SUSE Bug 1031579 for CVE-2017-7308",
"url": "https://bugzilla.suse.com/1031579"
},
{
"category": "external",
"summary": "SUSE Bug 1031660 for CVE-2017-7308",
"url": "https://bugzilla.suse.com/1031660"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-7308",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "moderate"
}
],
"title": "CVE-2017-7308"
},
{
"cve": "CVE-2017-7616",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7616"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7616",
"url": "https://www.suse.com/security/cve/CVE-2017-7616"
},
{
"category": "external",
"summary": "SUSE Bug 1033336 for CVE-2017-7616",
"url": "https://bugzilla.suse.com/1033336"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "moderate"
}
],
"title": "CVE-2017-7616"
},
{
"cve": "CVE-2017-7645",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7645"
}
],
"notes": [
{
"category": "general",
"text": "The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c, and fs/nfsd/nfsxdr.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7645",
"url": "https://www.suse.com/security/cve/CVE-2017-7645"
},
{
"category": "external",
"summary": "SUSE Bug 1034670 for CVE-2017-7645",
"url": "https://bugzilla.suse.com/1034670"
},
{
"category": "external",
"summary": "SUSE Bug 1036741 for CVE-2017-7645",
"url": "https://bugzilla.suse.com/1036741"
},
{
"category": "external",
"summary": "SUSE Bug 1046191 for CVE-2017-7645",
"url": "https://bugzilla.suse.com/1046191"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-7645",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "important"
}
],
"title": "CVE-2017-7645"
},
{
"cve": "CVE-2017-8106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-8106"
}
],
"notes": [
{
"category": "general",
"text": "The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-8106",
"url": "https://www.suse.com/security/cve/CVE-2017-8106"
},
{
"category": "external",
"summary": "SUSE Bug 1035877 for CVE-2017-8106",
"url": "https://bugzilla.suse.com/1035877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-default-1-4.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_74-60_64_40-xen-1-4.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-man-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.40.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-docs-3.12.74-60.64.40.4.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP1:kernel-obs-build-3.12.74-60.64.40.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP1:kernel-default-extra-3.12.74-60.64.40.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-05-19T12:12:38Z",
"details": "low"
}
],
"title": "CVE-2017-8106"
}
]
}
SUSE-SU-2017:2920-1
Vulnerability from csaf_suse - Published: 2017-11-02 13:02 - Updated: 2017-11-02 13:02Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 12 GA LTS kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2017-15649: net/packet/af_packet.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346 (bnc#1064388).
- CVE-2015-9004: kernel/events/core.c in the Linux kernel mishandled counter grouping, which allowed local users to gain privileges via a crafted application, related to the perf_pmu_register and perf_event_open functions (bnc#1037306).
- CVE-2016-10229: udp.c in the Linux kernel allowed remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag (bnc#1032268).
- CVE-2016-9604: The handling of keyrings starting with '.' in KEYCTL_JOIN_SESSION_KEYRING, which could have allowed local users to manipulate privileged keyrings, was fixed (bsc#1035576)
- CVE-2017-1000363: Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6's CVE-2016-10277, where due to a vulnerability the adversary has partial control over the command line) can overflow the parport_nr array in the following code, by appending many (>LP_NO) 'lp=none' arguments to the command line (bnc#1039456).
- CVE-2017-1000365: The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but did not take the argument and environment pointers into account, which allowed attackers to bypass this limitation. (bnc#1039354).
- CVE-2017-1000380: sound/core/timer.c in the Linux kernel is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time (bnc#1044125).
- CVE-2017-10661: Race condition in fs/timerfd.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing (bnc#1053152).
- CVE-2017-11176: The mq_notify function in the Linux kernel did not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allowed attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact (bnc#1048275).
- CVE-2017-12153: A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel This function did not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash (bnc#1058410).
- CVE-2017-12154: The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel did not ensure that the 'CR8-load exiting' and 'CR8-store exiting' L0 vmcs02 controls exist in cases where L1 omits the 'use TPR shadow' vmcs12 control, which allowed KVM L2 guest OS users to obtain read and write access to the hardware CR8 register (bnc#1058507).
- CVE-2017-12762: In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. (bnc#1053148).
- CVE-2017-13080: Wi-Fi Protected Access (WPA and WPA2) allowed reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients (bnc#1063667).
- CVE-2017-14051: An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel allowed local users to cause a denial of service (memory corruption and system crash) by leveraging root access (bnc#1056588).
- CVE-2017-14106: The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel allowed local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path (bnc#1056982).
- CVE-2017-14140: The move_pages system call in mm/migrate.c in the Linux kernel doesn't check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR (bnc#1057179).
- CVE-2017-15265: Use-after-free vulnerability in the Linux kernel allowed local users to have unspecified impact via vectors related to /dev/snd/seq (bnc#1062520).
- CVE-2017-15274: security/keys/keyctl.c in the Linux kernel did not consider the case of a NULL payload in conjunction with a nonzero length value, which allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192 (bnc#1045327).
- CVE-2017-2647: The KEYS subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c (bnc#1030593).
- CVE-2017-6951: The keyring_search_aux function in security/keys/keyring.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the 'dead' type (bnc#1029850).
- CVE-2017-7482: A potential memory corruption was fixed in decoding of krb5 principals in the kernels kerberos handling. (bnc#1046107).
- CVE-2017-7487: The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel mishandled reference counts, which allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface (bnc#1038879).
- CVE-2017-7518: The Linux kernel was vulnerable to an incorrect debug exception(#DB) error. It could occur while emulating a syscall instruction and potentially lead to guest privilege escalation. (bsc#1045922).
- CVE-2017-7541: The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel allowed local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet (bnc#1049645).
- CVE-2017-7542: The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel allowed local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket (bnc#1049882).
- CVE-2017-7889: The mm subsystem in the Linux kernel did not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allowed local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c (bnc#1034405).
- CVE-2017-8106: The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 allowed privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer (bnc#1035877).
- CVE-2017-8831: The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a 'double fetch' vulnerability (bnc#1037994).
- CVE-2017-8890: The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call (bnc#1038544).
- CVE-2017-8924: The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel allowed local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow (bnc#1037182 bsc#1038982).
- CVE-2017-8925: The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel allowed local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling (bnc#1037183 bsc#1038981).
- CVE-2017-9074: The IPv6 fragmentation implementation in the Linux kernel did not consider that the nexthdr field may be associated with an invalid option, which allowed local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls (bnc#1039882).
- CVE-2017-9075: The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039883).
- CVE-2017-9076: The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039885).
- CVE-2017-9077: The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1040069).
- CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bnc#1041431).
The following non-security bugs were fixed:
- btrfs: Fix a data space underflow warning (bsc#985562, bsc#975596, bsc#984779, bsc#1008353, bsc#1017941).
- dm-mpath: always return reservation conflict. bsc#938162
- getcwd: Close race with d_move called by lustre (bsc#1052593).
- ipv4: Should use consistent conditional judgement for ip fragment in __ip_append_data and ip_finish_output (bsc#1041958).
- ipv6: Should use consistent conditional judgement for ip6 fragment between __ip6_append_data and ip6_finish_output (bsc#1041958).
- kabi: avoid bogus kabi errors in ip_output.c (bsc#1041958).
- keys: Disallow keyrings beginning with '.' to be joined as session keyrings (bnc#1035576).
- mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack (bnc#1039348).
- net: account for current skb length when deciding about UFO (bsc#1041958).
- nfsd4: minor NFSv2/v3 write decoding cleanup (bsc#1034670 CVE#2017-7645).
- nfsd: check for oversized NFSv2/v3 arguments (bsc#1034670 CVE#2017-7645).
- nfsd: stricter decoding of write-like NFSv2/v3 ops (bsc#1034670 CVE#2017-7645).
- printk: prevent userland from spoofing kernel messages (bsc#1039721).
- reiserfs: do not preallocate blocks for extended attributes (bsc#990682).
- tcp: do not inherit fastopen_req from parent (bsc#1038544).
- udp: disallow UFO for sockets with SO_NO_CHECK option (bsc#1041958).
- usb: wusbcore: fix NULL-deref at probe (bsc#1045487).
- vsock: Detach QP check should filter out non matching QPs (bsc#1036752 bsc#1047408).
- vsock: Fix lockdep issue (bsc#977417 bsc#1047408).
- vsock: sock_put wasn't safe to call in interrupt context (bsc#977417 bsc#1047408).
- xfs: XFS_IS_REALTIME_INODE() should be false if no rt device present (bsc#1058524).
Patchnames: SUSE-SLE-Module-Public-Cloud-12-2017-1808,SUSE-SLE-SERVER-12-2017-1808
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
9.8 (Critical)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.4 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.8 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.4 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.3 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4.4 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.6 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
8.1 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.4 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.6 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.3 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.2 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.2 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.9 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.7 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
4 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
6.2 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
5.5 (Medium)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
7.8 (High)
Vendor Fix
To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe SUSE Linux Enterprise 12 GA LTS kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2017-15649: net/packet/af_packet.c in the Linux kernel allowed local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346 (bnc#1064388).\n- CVE-2015-9004: kernel/events/core.c in the Linux kernel mishandled counter grouping, which allowed local users to gain privileges via a crafted application, related to the perf_pmu_register and perf_event_open functions (bnc#1037306).\n- CVE-2016-10229: udp.c in the Linux kernel allowed remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag (bnc#1032268).\n- CVE-2016-9604: The handling of keyrings starting with \u0027.\u0027 in KEYCTL_JOIN_SESSION_KEYRING, which could have allowed local users to manipulate privileged keyrings, was fixed (bsc#1035576)\n- CVE-2017-1000363: Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a \u0027secure boot\u0027 kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6\u0027s CVE-2016-10277, where due to a vulnerability the adversary has partial control over the command line) can overflow the parport_nr array in the following code, by appending many (\u003eLP_NO) \u0027lp=none\u0027 arguments to the command line (bnc#1039456).\n- CVE-2017-1000365: The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but did not take the argument and environment pointers into account, which allowed attackers to bypass this limitation. (bnc#1039354).\n- CVE-2017-1000380: sound/core/timer.c in the Linux kernel is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time (bnc#1044125).\n- CVE-2017-10661: Race condition in fs/timerfd.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing (bnc#1053152).\n- CVE-2017-11176: The mq_notify function in the Linux kernel did not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allowed attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact (bnc#1048275).\n- CVE-2017-12153: A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel This function did not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash (bnc#1058410).\n- CVE-2017-12154: The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel did not ensure that the \u0027CR8-load exiting\u0027 and \u0027CR8-store exiting\u0027 L0 vmcs02 controls exist in cases where L1 omits the \u0027use TPR shadow\u0027 vmcs12 control, which allowed KVM L2 guest OS users to obtain read and write access to the hardware CR8 register (bnc#1058507).\n- CVE-2017-12762: In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. (bnc#1053148).\n- CVE-2017-13080: Wi-Fi Protected Access (WPA and WPA2) allowed reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients (bnc#1063667).\n- CVE-2017-14051: An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel allowed local users to cause a denial of service (memory corruption and system crash) by leveraging root access (bnc#1056588).\n- CVE-2017-14106: The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel allowed local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path (bnc#1056982).\n- CVE-2017-14140: The move_pages system call in mm/migrate.c in the Linux kernel doesn\u0027t check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR (bnc#1057179).\n- CVE-2017-15265: Use-after-free vulnerability in the Linux kernel allowed local users to have unspecified impact via vectors related to /dev/snd/seq (bnc#1062520).\n- CVE-2017-15274: security/keys/keyctl.c in the Linux kernel did not consider the case of a NULL payload in conjunction with a nonzero length value, which allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192 (bnc#1045327).\n- CVE-2017-2647: The KEYS subsystem in the Linux kernel allowed local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c (bnc#1030593).\n- CVE-2017-6951: The keyring_search_aux function in security/keys/keyring.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the \u0027dead\u0027 type (bnc#1029850).\n- CVE-2017-7482: A potential memory corruption was fixed in decoding of krb5 principals in the kernels kerberos handling. (bnc#1046107).\n- CVE-2017-7487: The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel mishandled reference counts, which allowed local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface (bnc#1038879).\n- CVE-2017-7518: The Linux kernel was vulnerable to an incorrect debug exception(#DB) error. It could occur while emulating a syscall instruction and potentially lead to guest privilege escalation. (bsc#1045922).\n- CVE-2017-7541: The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel allowed local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet (bnc#1049645).\n- CVE-2017-7542: The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel allowed local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket (bnc#1049882).\n- CVE-2017-7889: The mm subsystem in the Linux kernel did not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allowed local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c (bnc#1034405).\n- CVE-2017-8106: The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 allowed privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer (bnc#1035877).\n- CVE-2017-8831: The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel allowed local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a \u0027double fetch\u0027 vulnerability (bnc#1037994).\n- CVE-2017-8890: The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel allowed attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call (bnc#1038544).\n- CVE-2017-8924: The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel allowed local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow (bnc#1037182 bsc#1038982).\n- CVE-2017-8925: The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel allowed local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling (bnc#1037183 bsc#1038981).\n- CVE-2017-9074: The IPv6 fragmentation implementation in the Linux kernel did not consider that the nexthdr field may be associated with an invalid option, which allowed local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls (bnc#1039882).\n- CVE-2017-9075: The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039883).\n- CVE-2017-9076: The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1039885).\n- CVE-2017-9077: The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel mishandled inheritance, which allowed local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890 (bnc#1040069).\n- CVE-2017-9242: The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel is too late in checking whether an overwrite of an skb data structure may occur, which allowed local users to cause a denial of service (system crash) via crafted system calls (bnc#1041431).\n\nThe following non-security bugs were fixed:\n\n- btrfs: Fix a data space underflow warning (bsc#985562, bsc#975596, bsc#984779, bsc#1008353, bsc#1017941).\n- dm-mpath: always return reservation conflict. bsc#938162\n- getcwd: Close race with d_move called by lustre (bsc#1052593).\n- ipv4: Should use consistent conditional judgement for ip fragment in __ip_append_data and ip_finish_output (bsc#1041958).\n- ipv6: Should use consistent conditional judgement for ip6 fragment between __ip6_append_data and ip6_finish_output (bsc#1041958).\n- kabi: avoid bogus kabi errors in ip_output.c (bsc#1041958).\n- keys: Disallow keyrings beginning with \u0027.\u0027 to be joined as session keyrings (bnc#1035576).\n- mm/mmap.c: do not blow on PROT_NONE MAP_FIXED holes in the stack (bnc#1039348).\n- net: account for current skb length when deciding about UFO (bsc#1041958).\n- nfsd4: minor NFSv2/v3 write decoding cleanup (bsc#1034670 CVE#2017-7645).\n- nfsd: check for oversized NFSv2/v3 arguments (bsc#1034670 CVE#2017-7645).\n- nfsd: stricter decoding of write-like NFSv2/v3 ops (bsc#1034670 CVE#2017-7645).\n- printk: prevent userland from spoofing kernel messages (bsc#1039721).\n- reiserfs: do not preallocate blocks for extended attributes (bsc#990682).\n- tcp: do not inherit fastopen_req from parent (bsc#1038544).\n- udp: disallow UFO for sockets with SO_NO_CHECK option (bsc#1041958).\n- usb: wusbcore: fix NULL-deref at probe (bsc#1045487).\n- vsock: Detach QP check should filter out non matching QPs (bsc#1036752 bsc#1047408).\n- vsock: Fix lockdep issue (bsc#977417 bsc#1047408).\n- vsock: sock_put wasn\u0027t safe to call in interrupt context (bsc#977417 bsc#1047408).\n- xfs: XFS_IS_REALTIME_INODE() should be false if no rt device present (bsc#1058524).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Module-Public-Cloud-12-2017-1808,SUSE-SLE-SERVER-12-2017-1808",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2920-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:2920-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172920-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:2920-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-November/003367.html"
},
{
"category": "self",
"summary": "SUSE Bug 1008353",
"url": "https://bugzilla.suse.com/1008353"
},
{
"category": "self",
"summary": "SUSE Bug 1012422",
"url": "https://bugzilla.suse.com/1012422"
},
{
"category": "self",
"summary": "SUSE Bug 1017941",
"url": "https://bugzilla.suse.com/1017941"
},
{
"category": "self",
"summary": "SUSE Bug 1029850",
"url": "https://bugzilla.suse.com/1029850"
},
{
"category": "self",
"summary": "SUSE Bug 1030593",
"url": "https://bugzilla.suse.com/1030593"
},
{
"category": "self",
"summary": "SUSE Bug 1032268",
"url": "https://bugzilla.suse.com/1032268"
},
{
"category": "self",
"summary": "SUSE Bug 1034405",
"url": "https://bugzilla.suse.com/1034405"
},
{
"category": "self",
"summary": "SUSE Bug 1034670",
"url": "https://bugzilla.suse.com/1034670"
},
{
"category": "self",
"summary": "SUSE Bug 1035576",
"url": "https://bugzilla.suse.com/1035576"
},
{
"category": "self",
"summary": "SUSE Bug 1035877",
"url": "https://bugzilla.suse.com/1035877"
},
{
"category": "self",
"summary": "SUSE Bug 1036752",
"url": "https://bugzilla.suse.com/1036752"
},
{
"category": "self",
"summary": "SUSE Bug 1037182",
"url": "https://bugzilla.suse.com/1037182"
},
{
"category": "self",
"summary": "SUSE Bug 1037183",
"url": "https://bugzilla.suse.com/1037183"
},
{
"category": "self",
"summary": "SUSE Bug 1037306",
"url": "https://bugzilla.suse.com/1037306"
},
{
"category": "self",
"summary": "SUSE Bug 1037994",
"url": "https://bugzilla.suse.com/1037994"
},
{
"category": "self",
"summary": "SUSE Bug 1038544",
"url": "https://bugzilla.suse.com/1038544"
},
{
"category": "self",
"summary": "SUSE Bug 1038879",
"url": "https://bugzilla.suse.com/1038879"
},
{
"category": "self",
"summary": "SUSE Bug 1038981",
"url": "https://bugzilla.suse.com/1038981"
},
{
"category": "self",
"summary": "SUSE Bug 1038982",
"url": "https://bugzilla.suse.com/1038982"
},
{
"category": "self",
"summary": "SUSE Bug 1039348",
"url": "https://bugzilla.suse.com/1039348"
},
{
"category": "self",
"summary": "SUSE Bug 1039349",
"url": "https://bugzilla.suse.com/1039349"
},
{
"category": "self",
"summary": "SUSE Bug 1039354",
"url": "https://bugzilla.suse.com/1039354"
},
{
"category": "self",
"summary": "SUSE Bug 1039456",
"url": "https://bugzilla.suse.com/1039456"
},
{
"category": "self",
"summary": "SUSE Bug 1039721",
"url": "https://bugzilla.suse.com/1039721"
},
{
"category": "self",
"summary": "SUSE Bug 1039882",
"url": "https://bugzilla.suse.com/1039882"
},
{
"category": "self",
"summary": "SUSE Bug 1039883",
"url": "https://bugzilla.suse.com/1039883"
},
{
"category": "self",
"summary": "SUSE Bug 1039885",
"url": "https://bugzilla.suse.com/1039885"
},
{
"category": "self",
"summary": "SUSE Bug 1040069",
"url": "https://bugzilla.suse.com/1040069"
},
{
"category": "self",
"summary": "SUSE Bug 1041431",
"url": "https://bugzilla.suse.com/1041431"
},
{
"category": "self",
"summary": "SUSE Bug 1041958",
"url": "https://bugzilla.suse.com/1041958"
},
{
"category": "self",
"summary": "SUSE Bug 1044125",
"url": "https://bugzilla.suse.com/1044125"
},
{
"category": "self",
"summary": "SUSE Bug 1045327",
"url": "https://bugzilla.suse.com/1045327"
},
{
"category": "self",
"summary": "SUSE Bug 1045487",
"url": "https://bugzilla.suse.com/1045487"
},
{
"category": "self",
"summary": "SUSE Bug 1045922",
"url": "https://bugzilla.suse.com/1045922"
},
{
"category": "self",
"summary": "SUSE Bug 1046107",
"url": "https://bugzilla.suse.com/1046107"
},
{
"category": "self",
"summary": "SUSE Bug 1047408",
"url": "https://bugzilla.suse.com/1047408"
},
{
"category": "self",
"summary": "SUSE Bug 1048275",
"url": "https://bugzilla.suse.com/1048275"
},
{
"category": "self",
"summary": "SUSE Bug 1049645",
"url": "https://bugzilla.suse.com/1049645"
},
{
"category": "self",
"summary": "SUSE Bug 1049882",
"url": "https://bugzilla.suse.com/1049882"
},
{
"category": "self",
"summary": "SUSE Bug 1052593",
"url": "https://bugzilla.suse.com/1052593"
},
{
"category": "self",
"summary": "SUSE Bug 1053148",
"url": "https://bugzilla.suse.com/1053148"
},
{
"category": "self",
"summary": "SUSE Bug 1053152",
"url": "https://bugzilla.suse.com/1053152"
},
{
"category": "self",
"summary": "SUSE Bug 1056588",
"url": "https://bugzilla.suse.com/1056588"
},
{
"category": "self",
"summary": "SUSE Bug 1056982",
"url": "https://bugzilla.suse.com/1056982"
},
{
"category": "self",
"summary": "SUSE Bug 1057179",
"url": "https://bugzilla.suse.com/1057179"
},
{
"category": "self",
"summary": "SUSE Bug 1058038",
"url": "https://bugzilla.suse.com/1058038"
},
{
"category": "self",
"summary": "SUSE Bug 1058410",
"url": "https://bugzilla.suse.com/1058410"
},
{
"category": "self",
"summary": "SUSE Bug 1058507",
"url": "https://bugzilla.suse.com/1058507"
},
{
"category": "self",
"summary": "SUSE Bug 1058524",
"url": "https://bugzilla.suse.com/1058524"
},
{
"category": "self",
"summary": "SUSE Bug 1062520",
"url": "https://bugzilla.suse.com/1062520"
},
{
"category": "self",
"summary": "SUSE Bug 1063667",
"url": "https://bugzilla.suse.com/1063667"
},
{
"category": "self",
"summary": "SUSE Bug 1064388",
"url": "https://bugzilla.suse.com/1064388"
},
{
"category": "self",
"summary": "SUSE Bug 938162",
"url": "https://bugzilla.suse.com/938162"
},
{
"category": "self",
"summary": "SUSE Bug 975596",
"url": "https://bugzilla.suse.com/975596"
},
{
"category": "self",
"summary": "SUSE Bug 977417",
"url": "https://bugzilla.suse.com/977417"
},
{
"category": "self",
"summary": "SUSE Bug 984779",
"url": "https://bugzilla.suse.com/984779"
},
{
"category": "self",
"summary": "SUSE Bug 985562",
"url": "https://bugzilla.suse.com/985562"
},
{
"category": "self",
"summary": "SUSE Bug 990682",
"url": "https://bugzilla.suse.com/990682"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-9004 page",
"url": "https://www.suse.com/security/cve/CVE-2015-9004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-10229 page",
"url": "https://www.suse.com/security/cve/CVE-2016-10229/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2016-9604 page",
"url": "https://www.suse.com/security/cve/CVE-2016-9604/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-1000363 page",
"url": "https://www.suse.com/security/cve/CVE-2017-1000363/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-1000365 page",
"url": "https://www.suse.com/security/cve/CVE-2017-1000365/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-1000380 page",
"url": "https://www.suse.com/security/cve/CVE-2017-1000380/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-10661 page",
"url": "https://www.suse.com/security/cve/CVE-2017-10661/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-11176 page",
"url": "https://www.suse.com/security/cve/CVE-2017-11176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12153 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12153/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12154 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12154/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-12762 page",
"url": "https://www.suse.com/security/cve/CVE-2017-12762/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13080 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13080/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-14051 page",
"url": "https://www.suse.com/security/cve/CVE-2017-14051/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-14106 page",
"url": "https://www.suse.com/security/cve/CVE-2017-14106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-14140 page",
"url": "https://www.suse.com/security/cve/CVE-2017-14140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-15265 page",
"url": "https://www.suse.com/security/cve/CVE-2017-15265/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-15274 page",
"url": "https://www.suse.com/security/cve/CVE-2017-15274/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-15649 page",
"url": "https://www.suse.com/security/cve/CVE-2017-15649/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-2647 page",
"url": "https://www.suse.com/security/cve/CVE-2017-2647/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-6951 page",
"url": "https://www.suse.com/security/cve/CVE-2017-6951/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7482 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7482/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7487 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7487/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7518 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7518/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7541 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7542 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7542/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7889 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7889/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-8106 page",
"url": "https://www.suse.com/security/cve/CVE-2017-8106/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-8831 page",
"url": "https://www.suse.com/security/cve/CVE-2017-8831/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-8890 page",
"url": "https://www.suse.com/security/cve/CVE-2017-8890/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-8924 page",
"url": "https://www.suse.com/security/cve/CVE-2017-8924/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-8925 page",
"url": "https://www.suse.com/security/cve/CVE-2017-8925/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-9074 page",
"url": "https://www.suse.com/security/cve/CVE-2017-9074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-9075 page",
"url": "https://www.suse.com/security/cve/CVE-2017-9075/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-9076 page",
"url": "https://www.suse.com/security/cve/CVE-2017-9076/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-9077 page",
"url": "https://www.suse.com/security/cve/CVE-2017-9077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-9242 page",
"url": "https://www.suse.com/security/cve/CVE-2017-9242/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2017-11-02T13:02:36Z",
"generator": {
"date": "2017-11-02T13:02:36Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:2920-1",
"initial_release_date": "2017-11-02T13:02:36Z",
"revision_history": [
{
"date": "2017-11-02T13:02:36Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-3.12.61-52.101.1.noarch",
"product": {
"name": "kernel-devel-3.12.61-52.101.1.noarch",
"product_id": "kernel-devel-3.12.61-52.101.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-3.12.61-52.101.1.noarch",
"product": {
"name": "kernel-macros-3.12.61-52.101.1.noarch",
"product_id": "kernel-macros-3.12.61-52.101.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-3.12.61-52.101.1.noarch",
"product": {
"name": "kernel-source-3.12.61-52.101.1.noarch",
"product_id": "kernel-source-3.12.61-52.101.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.12.61-52.101.1.ppc64le",
"product": {
"name": "kernel-default-3.12.61-52.101.1.ppc64le",
"product_id": "kernel-default-3.12.61-52.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.61-52.101.1.ppc64le",
"product": {
"name": "kernel-default-base-3.12.61-52.101.1.ppc64le",
"product_id": "kernel-default-base-3.12.61-52.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.61-52.101.1.ppc64le",
"product": {
"name": "kernel-default-devel-3.12.61-52.101.1.ppc64le",
"product_id": "kernel-default-devel-3.12.61-52.101.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.61-52.101.1.ppc64le",
"product": {
"name": "kernel-syms-3.12.61-52.101.1.ppc64le",
"product_id": "kernel-syms-3.12.61-52.101.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.12.61-52.101.1.s390x",
"product": {
"name": "kernel-default-3.12.61-52.101.1.s390x",
"product_id": "kernel-default-3.12.61-52.101.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.61-52.101.1.s390x",
"product": {
"name": "kernel-default-base-3.12.61-52.101.1.s390x",
"product_id": "kernel-default-base-3.12.61-52.101.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.61-52.101.1.s390x",
"product": {
"name": "kernel-default-devel-3.12.61-52.101.1.s390x",
"product_id": "kernel-default-devel-3.12.61-52.101.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-3.12.61-52.101.1.s390x",
"product": {
"name": "kernel-default-man-3.12.61-52.101.1.s390x",
"product_id": "kernel-default-man-3.12.61-52.101.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.61-52.101.1.s390x",
"product": {
"name": "kernel-syms-3.12.61-52.101.1.s390x",
"product_id": "kernel-syms-3.12.61-52.101.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-ec2-3.12.61-52.101.1.x86_64",
"product": {
"name": "kernel-ec2-3.12.61-52.101.1.x86_64",
"product_id": "kernel-ec2-3.12.61-52.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"product": {
"name": "kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"product_id": "kernel-ec2-devel-3.12.61-52.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"product": {
"name": "kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"product_id": "kernel-ec2-extra-3.12.61-52.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-3.12.61-52.101.1.x86_64",
"product": {
"name": "kernel-default-3.12.61-52.101.1.x86_64",
"product_id": "kernel-default-3.12.61-52.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.61-52.101.1.x86_64",
"product": {
"name": "kernel-default-base-3.12.61-52.101.1.x86_64",
"product_id": "kernel-default-base-3.12.61-52.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.61-52.101.1.x86_64",
"product": {
"name": "kernel-default-devel-3.12.61-52.101.1.x86_64",
"product_id": "kernel-default-devel-3.12.61-52.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.61-52.101.1.x86_64",
"product": {
"name": "kernel-syms-3.12.61-52.101.1.x86_64",
"product_id": "kernel-syms-3.12.61-52.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.12.61-52.101.1.x86_64",
"product": {
"name": "kernel-xen-3.12.61-52.101.1.x86_64",
"product_id": "kernel-xen-3.12.61-52.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.12.61-52.101.1.x86_64",
"product": {
"name": "kernel-xen-base-3.12.61-52.101.1.x86_64",
"product_id": "kernel-xen-base-3.12.61-52.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.12.61-52.101.1.x86_64",
"product": {
"name": "kernel-xen-devel-3.12.61-52.101.1.x86_64",
"product_id": "kernel-xen-devel-3.12.61-52.101.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"product_id": "kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64",
"product_id": "kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-3.12.61-52.101.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64"
},
"product_reference": "kernel-ec2-3.12.61-52.101.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-devel-3.12.61-52.101.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64"
},
"product_reference": "kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-extra-3.12.61-52.101.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64"
},
"product_reference": "kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.61-52.101.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le"
},
"product_reference": "kernel-default-3.12.61-52.101.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.61-52.101.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x"
},
"product_reference": "kernel-default-3.12.61-52.101.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.61-52.101.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64"
},
"product_reference": "kernel-default-3.12.61-52.101.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.61-52.101.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le"
},
"product_reference": "kernel-default-base-3.12.61-52.101.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.61-52.101.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x"
},
"product_reference": "kernel-default-base-3.12.61-52.101.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.61-52.101.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64"
},
"product_reference": "kernel-default-base-3.12.61-52.101.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.61-52.101.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le"
},
"product_reference": "kernel-default-devel-3.12.61-52.101.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.61-52.101.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x"
},
"product_reference": "kernel-default-devel-3.12.61-52.101.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.61-52.101.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64"
},
"product_reference": "kernel-default-devel-3.12.61-52.101.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-3.12.61-52.101.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x"
},
"product_reference": "kernel-default-man-3.12.61-52.101.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-3.12.61-52.101.1.noarch as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch"
},
"product_reference": "kernel-devel-3.12.61-52.101.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-3.12.61-52.101.1.noarch as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch"
},
"product_reference": "kernel-macros-3.12.61-52.101.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.12.61-52.101.1.noarch as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch"
},
"product_reference": "kernel-source-3.12.61-52.101.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.61-52.101.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le"
},
"product_reference": "kernel-syms-3.12.61-52.101.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.61-52.101.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x"
},
"product_reference": "kernel-syms-3.12.61-52.101.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.61-52.101.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64"
},
"product_reference": "kernel-syms-3.12.61-52.101.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.12.61-52.101.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64"
},
"product_reference": "kernel-xen-3.12.61-52.101.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.12.61-52.101.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64"
},
"product_reference": "kernel-xen-base-3.12.61-52.101.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.12.61-52.101.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.12.61-52.101.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2015-9004",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-9004"
}
],
"notes": [
{
"category": "general",
"text": "kernel/events/core.c in the Linux kernel before 3.19 mishandles counter grouping, which allows local users to gain privileges via a crafted application, related to the perf_pmu_register and perf_event_open functions.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-9004",
"url": "https://www.suse.com/security/cve/CVE-2015-9004"
},
{
"category": "external",
"summary": "SUSE Bug 1037306 for CVE-2015-9004",
"url": "https://bugzilla.suse.com/1037306"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "moderate"
}
],
"title": "CVE-2015-9004"
},
{
"cve": "CVE-2016-10229",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-10229"
}
],
"notes": [
{
"category": "general",
"text": "udp.c in the Linux kernel before 4.5 allows remote attackers to execute arbitrary code via UDP traffic that triggers an unsafe second checksum calculation during execution of a recv system call with the MSG_PEEK flag.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-10229",
"url": "https://www.suse.com/security/cve/CVE-2016-10229"
},
{
"category": "external",
"summary": "SUSE Bug 1032268 for CVE-2016-10229",
"url": "https://bugzilla.suse.com/1032268"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "critical"
}
],
"title": "CVE-2016-10229"
},
{
"cve": "CVE-2016-9604",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2016-9604"
}
],
"notes": [
{
"category": "general",
"text": "It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as \u0027.dns_resolver\u0027 in RHEL-7 or \u0027.builtin_trusted_keys\u0027 upstream, by joining it as its session keyring. This allows root to bypass module signature verification by adding a new public key of its own devising to the keyring.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2016-9604",
"url": "https://www.suse.com/security/cve/CVE-2016-9604"
},
{
"category": "external",
"summary": "SUSE Bug 1035576 for CVE-2016-9604",
"url": "https://bugzilla.suse.com/1035576"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "moderate"
}
],
"title": "CVE-2016-9604"
},
{
"cve": "CVE-2017-1000363",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-1000363"
}
],
"notes": [
{
"category": "general",
"text": "Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a \u0027secure boot\u0027 kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6\u0027s CVE-2016-10277, where due to a vulnerability the adversary has partial control over the command line) can overflow the parport_nr array in the following code, by appending many (\u003eLP_NO) \u0027lp=none\u0027 arguments to the command line.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-1000363",
"url": "https://www.suse.com/security/cve/CVE-2017-1000363"
},
{
"category": "external",
"summary": "SUSE Bug 1039456 for CVE-2017-1000363",
"url": "https://bugzilla.suse.com/1039456"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-1000363",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "moderate"
}
],
"title": "CVE-2017-1000363"
},
{
"cve": "CVE-2017-1000365",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-1000365"
}
],
"notes": [
{
"category": "general",
"text": "The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel versions 4.11.5 and earlier. It appears that this feature was introduced in the Linux Kernel version 2.6.23.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-1000365",
"url": "https://www.suse.com/security/cve/CVE-2017-1000365"
},
{
"category": "external",
"summary": "SUSE Bug 1037551 for CVE-2017-1000365",
"url": "https://bugzilla.suse.com/1037551"
},
{
"category": "external",
"summary": "SUSE Bug 1039346 for CVE-2017-1000365",
"url": "https://bugzilla.suse.com/1039346"
},
{
"category": "external",
"summary": "SUSE Bug 1039349 for CVE-2017-1000365",
"url": "https://bugzilla.suse.com/1039349"
},
{
"category": "external",
"summary": "SUSE Bug 1039354 for CVE-2017-1000365",
"url": "https://bugzilla.suse.com/1039354"
},
{
"category": "external",
"summary": "SUSE Bug 1054557 for CVE-2017-1000365",
"url": "https://bugzilla.suse.com/1054557"
},
{
"category": "external",
"summary": "SUSE Bug 1077345 for CVE-2017-1000365",
"url": "https://bugzilla.suse.com/1077345"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "low"
}
],
"title": "CVE-2017-1000365"
},
{
"cve": "CVE-2017-1000380",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-1000380"
}
],
"notes": [
{
"category": "general",
"text": "sound/core/timer.c in the Linux kernel before 4.11.5 is vulnerable to a data race in the ALSA /dev/snd/timer driver resulting in local users being able to read information belonging to other users, i.e., uninitialized memory contents may be disclosed when a read and an ioctl happen at the same time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-1000380",
"url": "https://www.suse.com/security/cve/CVE-2017-1000380"
},
{
"category": "external",
"summary": "SUSE Bug 1044125 for CVE-2017-1000380",
"url": "https://bugzilla.suse.com/1044125"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "low"
}
],
"title": "CVE-2017-1000380"
},
{
"cve": "CVE-2017-10661",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-10661"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-10661",
"url": "https://www.suse.com/security/cve/CVE-2017-10661"
},
{
"category": "external",
"summary": "SUSE Bug 1053152 for CVE-2017-10661",
"url": "https://bugzilla.suse.com/1053152"
},
{
"category": "external",
"summary": "SUSE Bug 1053153 for CVE-2017-10661",
"url": "https://bugzilla.suse.com/1053153"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-10661",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "important"
}
],
"title": "CVE-2017-10661"
},
{
"cve": "CVE-2017-11176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-11176"
}
],
"notes": [
{
"category": "general",
"text": "The mq_notify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlink socket, it allows attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-11176",
"url": "https://www.suse.com/security/cve/CVE-2017-11176"
},
{
"category": "external",
"summary": "SUSE Bug 1048275 for CVE-2017-11176",
"url": "https://bugzilla.suse.com/1048275"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-11176",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "important"
}
],
"title": "CVE-2017-11176"
},
{
"cve": "CVE-2017-12153",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12153"
}
],
"notes": [
{
"category": "general",
"text": "A security flaw was discovered in the nl80211_set_rekey_data() function in net/wireless/nl80211.c in the Linux kernel through 4.13.3. This function does not check whether the required attributes are present in a Netlink request. This request can be issued by a user with the CAP_NET_ADMIN capability and may result in a NULL pointer dereference and system crash.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12153",
"url": "https://www.suse.com/security/cve/CVE-2017-12153"
},
{
"category": "external",
"summary": "SUSE Bug 1058410 for CVE-2017-12153",
"url": "https://bugzilla.suse.com/1058410"
},
{
"category": "external",
"summary": "SUSE Bug 1058624 for CVE-2017-12153",
"url": "https://bugzilla.suse.com/1058624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "moderate"
}
],
"title": "CVE-2017-12153"
},
{
"cve": "CVE-2017-12154",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12154"
}
],
"notes": [
{
"category": "general",
"text": "The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the \"CR8-load exiting\" and \"CR8-store exiting\" L0 vmcs02 controls exist in cases where L1 omits the \"use TPR shadow\" vmcs12 control, which allows KVM L2 guest OS users to obtain read and write access to the hardware CR8 register.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12154",
"url": "https://www.suse.com/security/cve/CVE-2017-12154"
},
{
"category": "external",
"summary": "SUSE Bug 1058038 for CVE-2017-12154",
"url": "https://bugzilla.suse.com/1058038"
},
{
"category": "external",
"summary": "SUSE Bug 1058507 for CVE-2017-12154",
"url": "https://bugzilla.suse.com/1058507"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "moderate"
}
],
"title": "CVE-2017-12154"
},
{
"cve": "CVE-2017-12762",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-12762"
}
],
"notes": [
{
"category": "general",
"text": "In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-12762",
"url": "https://www.suse.com/security/cve/CVE-2017-12762"
},
{
"category": "external",
"summary": "SUSE Bug 1053148 for CVE-2017-12762",
"url": "https://bugzilla.suse.com/1053148"
},
{
"category": "external",
"summary": "SUSE Bug 1053150 for CVE-2017-12762",
"url": "https://bugzilla.suse.com/1053150"
},
{
"category": "external",
"summary": "SUSE Bug 1072117 for CVE-2017-12762",
"url": "https://bugzilla.suse.com/1072117"
},
{
"category": "external",
"summary": "SUSE Bug 1072162 for CVE-2017-12762",
"url": "https://bugzilla.suse.com/1072162"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-12762",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "important"
}
],
"title": "CVE-2017-12762"
},
{
"cve": "CVE-2017-13080",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13080"
}
],
"notes": [
{
"category": "general",
"text": "Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13080",
"url": "https://www.suse.com/security/cve/CVE-2017-13080"
},
{
"category": "external",
"summary": "SUSE Bug 1056061 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1056061"
},
{
"category": "external",
"summary": "SUSE Bug 1063479 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063479"
},
{
"category": "external",
"summary": "SUSE Bug 1063667 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063667"
},
{
"category": "external",
"summary": "SUSE Bug 1063671 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1063671"
},
{
"category": "external",
"summary": "SUSE Bug 1066295 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1066295"
},
{
"category": "external",
"summary": "SUSE Bug 1105108 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1105108"
},
{
"category": "external",
"summary": "SUSE Bug 1178872 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1178872"
},
{
"category": "external",
"summary": "SUSE Bug 1179588 for CVE-2017-13080",
"url": "https://bugzilla.suse.com/1179588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "moderate"
}
],
"title": "CVE-2017-13080"
},
{
"cve": "CVE-2017-14051",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-14051"
}
],
"notes": [
{
"category": "general",
"text": "An integer overflow in the qla2x00_sysfs_write_optrom_ctl function in drivers/scsi/qla2xxx/qla_attr.c in the Linux kernel through 4.12.10 allows local users to cause a denial of service (memory corruption and system crash) by leveraging root access.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-14051",
"url": "https://www.suse.com/security/cve/CVE-2017-14051"
},
{
"category": "external",
"summary": "SUSE Bug 1056588 for CVE-2017-14051",
"url": "https://bugzilla.suse.com/1056588"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "moderate"
}
],
"title": "CVE-2017-14051"
},
{
"cve": "CVE-2017-14106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-14106"
}
],
"notes": [
{
"category": "general",
"text": "The tcp_disconnect function in net/ipv4/tcp.c in the Linux kernel before 4.12 allows local users to cause a denial of service (__tcp_select_window divide-by-zero error and system crash) by triggering a disconnect within a certain tcp_recvmsg code path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-14106",
"url": "https://www.suse.com/security/cve/CVE-2017-14106"
},
{
"category": "external",
"summary": "SUSE Bug 1056982 for CVE-2017-14106",
"url": "https://bugzilla.suse.com/1056982"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "moderate"
}
],
"title": "CVE-2017-14106"
},
{
"cve": "CVE-2017-14140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-14140"
}
],
"notes": [
{
"category": "general",
"text": "The move_pages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn\u0027t check the effective uid of the target process, enabling a local attacker to learn the memory layout of a setuid executable despite ASLR.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-14140",
"url": "https://www.suse.com/security/cve/CVE-2017-14140"
},
{
"category": "external",
"summary": "SUSE Bug 1057179 for CVE-2017-14140",
"url": "https://bugzilla.suse.com/1057179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "low"
}
],
"title": "CVE-2017-14140"
},
{
"cve": "CVE-2017-15265",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-15265"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in the ALSA subsystem in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted /dev/snd/seq ioctl calls, related to sound/core/seq/seq_clientmgr.c and sound/core/seq/seq_ports.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-15265",
"url": "https://www.suse.com/security/cve/CVE-2017-15265"
},
{
"category": "external",
"summary": "SUSE Bug 1062520 for CVE-2017-15265",
"url": "https://bugzilla.suse.com/1062520"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-15265",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "low"
}
],
"title": "CVE-2017-15265"
},
{
"cve": "CVE-2017-15274",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-15274"
}
],
"notes": [
{
"category": "general",
"text": "security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different vulnerability than CVE-2017-12192.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-15274",
"url": "https://www.suse.com/security/cve/CVE-2017-15274"
},
{
"category": "external",
"summary": "SUSE Bug 1045327 for CVE-2017-15274",
"url": "https://bugzilla.suse.com/1045327"
},
{
"category": "external",
"summary": "SUSE Bug 1062471 for CVE-2017-15274",
"url": "https://bugzilla.suse.com/1062471"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "low"
}
],
"title": "CVE-2017-15274"
},
{
"cve": "CVE-2017-15649",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-15649"
}
],
"notes": [
{
"category": "general",
"text": "net/packet/af_packet.c in the Linux kernel before 4.13.6 allows local users to gain privileges via crafted system calls that trigger mishandling of packet_fanout data structures, because of a race condition (involving fanout_add and packet_do_bind) that leads to a use-after-free, a different vulnerability than CVE-2017-6346.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-15649",
"url": "https://www.suse.com/security/cve/CVE-2017-15649"
},
{
"category": "external",
"summary": "SUSE Bug 1064388 for CVE-2017-15649",
"url": "https://bugzilla.suse.com/1064388"
},
{
"category": "external",
"summary": "SUSE Bug 1064392 for CVE-2017-15649",
"url": "https://bugzilla.suse.com/1064392"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-15649",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "important"
}
],
"title": "CVE-2017-15649"
},
{
"cve": "CVE-2017-2647",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-2647"
}
],
"notes": [
{
"category": "general",
"text": "The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-2647",
"url": "https://www.suse.com/security/cve/CVE-2017-2647"
},
{
"category": "external",
"summary": "SUSE Bug 1030593 for CVE-2017-2647",
"url": "https://bugzilla.suse.com/1030593"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-2647",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "important"
}
],
"title": "CVE-2017-2647"
},
{
"cve": "CVE-2017-6951",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-6951"
}
],
"notes": [
{
"category": "general",
"text": "The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the \"dead\" type.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-6951",
"url": "https://www.suse.com/security/cve/CVE-2017-6951"
},
{
"category": "external",
"summary": "SUSE Bug 1029850 for CVE-2017-6951",
"url": "https://bugzilla.suse.com/1029850"
},
{
"category": "external",
"summary": "SUSE Bug 1030593 for CVE-2017-6951",
"url": "https://bugzilla.suse.com/1030593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "moderate"
}
],
"title": "CVE-2017-6951"
},
{
"cve": "CVE-2017-7482",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7482"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory corruption and possible privilege escalation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7482",
"url": "https://www.suse.com/security/cve/CVE-2017-7482"
},
{
"category": "external",
"summary": "SUSE Bug 1046107 for CVE-2017-7482",
"url": "https://bugzilla.suse.com/1046107"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-7482",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "moderate"
}
],
"title": "CVE-2017-7482"
},
{
"cve": "CVE-2017-7487",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7487"
}
],
"notes": [
{
"category": "general",
"text": "The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7487",
"url": "https://www.suse.com/security/cve/CVE-2017-7487"
},
{
"category": "external",
"summary": "SUSE Bug 1038879 for CVE-2017-7487",
"url": "https://bugzilla.suse.com/1038879"
},
{
"category": "external",
"summary": "SUSE Bug 1038883 for CVE-2017-7487",
"url": "https://bugzilla.suse.com/1038883"
},
{
"category": "external",
"summary": "SUSE Bug 1038981 for CVE-2017-7487",
"url": "https://bugzilla.suse.com/1038981"
},
{
"category": "external",
"summary": "SUSE Bug 1038982 for CVE-2017-7487",
"url": "https://bugzilla.suse.com/1038982"
},
{
"category": "external",
"summary": "SUSE Bug 1072204 for CVE-2017-7487",
"url": "https://bugzilla.suse.com/1072204"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-7487",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 870618 for CVE-2017-7487",
"url": "https://bugzilla.suse.com/870618"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "moderate"
}
],
"title": "CVE-2017-7487"
},
{
"cve": "CVE-2017-7518",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7518"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/process inside a guest could use this flaw to potentially escalate their privileges inside the guest. Linux guests are not affected by this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7518",
"url": "https://www.suse.com/security/cve/CVE-2017-7518"
},
{
"category": "external",
"summary": "SUSE Bug 1045922 for CVE-2017-7518",
"url": "https://bugzilla.suse.com/1045922"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-7518",
"url": "https://bugzilla.suse.com/1087082"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "moderate"
}
],
"title": "CVE-2017-7518"
},
{
"cve": "CVE-2017-7541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7541"
}
],
"notes": [
{
"category": "general",
"text": "The brcmf_cfg80211_mgmt_tx function in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux kernel before 4.12.3 allows local users to cause a denial of service (buffer overflow and system crash) or possibly gain privileges via a crafted NL80211_CMD_FRAME Netlink packet.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7541",
"url": "https://www.suse.com/security/cve/CVE-2017-7541"
},
{
"category": "external",
"summary": "SUSE Bug 1049645 for CVE-2017-7541",
"url": "https://bugzilla.suse.com/1049645"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "moderate"
}
],
"title": "CVE-2017-7541"
},
{
"cve": "CVE-2017-7542",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7542"
}
],
"notes": [
{
"category": "general",
"text": "The ip6_find_1stfragopt function in net/ipv6/output_core.c in the Linux kernel through 4.12.3 allows local users to cause a denial of service (integer overflow and infinite loop) by leveraging the ability to open a raw socket.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7542",
"url": "https://www.suse.com/security/cve/CVE-2017-7542"
},
{
"category": "external",
"summary": "SUSE Bug 1049882 for CVE-2017-7542",
"url": "https://bugzilla.suse.com/1049882"
},
{
"category": "external",
"summary": "SUSE Bug 1061936 for CVE-2017-7542",
"url": "https://bugzilla.suse.com/1061936"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "moderate"
}
],
"title": "CVE-2017-7542"
},
{
"cve": "CVE-2017-7889",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7889"
}
],
"notes": [
{
"category": "general",
"text": "The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7889",
"url": "https://www.suse.com/security/cve/CVE-2017-7889"
},
{
"category": "external",
"summary": "SUSE Bug 1034405 for CVE-2017-7889",
"url": "https://bugzilla.suse.com/1034405"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "moderate"
}
],
"title": "CVE-2017-7889"
},
{
"cve": "CVE-2017-8106",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-8106"
}
],
"notes": [
{
"category": "general",
"text": "The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-8106",
"url": "https://www.suse.com/security/cve/CVE-2017-8106"
},
{
"category": "external",
"summary": "SUSE Bug 1035877 for CVE-2017-8106",
"url": "https://bugzilla.suse.com/1035877"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "low"
}
],
"title": "CVE-2017-8106"
},
{
"cve": "CVE-2017-8831",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-8831"
}
],
"notes": [
{
"category": "general",
"text": "The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a \"double fetch\" vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-8831",
"url": "https://www.suse.com/security/cve/CVE-2017-8831"
},
{
"category": "external",
"summary": "SUSE Bug 1037994 for CVE-2017-8831",
"url": "https://bugzilla.suse.com/1037994"
},
{
"category": "external",
"summary": "SUSE Bug 1061936 for CVE-2017-8831",
"url": "https://bugzilla.suse.com/1061936"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2017-8831",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-8831",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "moderate"
}
],
"title": "CVE-2017-8831"
},
{
"cve": "CVE-2017-8890",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-8890"
}
],
"notes": [
{
"category": "general",
"text": "The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-8890",
"url": "https://www.suse.com/security/cve/CVE-2017-8890"
},
{
"category": "external",
"summary": "SUSE Bug 1038544 for CVE-2017-8890",
"url": "https://bugzilla.suse.com/1038544"
},
{
"category": "external",
"summary": "SUSE Bug 1038564 for CVE-2017-8890",
"url": "https://bugzilla.suse.com/1038564"
},
{
"category": "external",
"summary": "SUSE Bug 1039883 for CVE-2017-8890",
"url": "https://bugzilla.suse.com/1039883"
},
{
"category": "external",
"summary": "SUSE Bug 1039885 for CVE-2017-8890",
"url": "https://bugzilla.suse.com/1039885"
},
{
"category": "external",
"summary": "SUSE Bug 1040069 for CVE-2017-8890",
"url": "https://bugzilla.suse.com/1040069"
},
{
"category": "external",
"summary": "SUSE Bug 1042364 for CVE-2017-8890",
"url": "https://bugzilla.suse.com/1042364"
},
{
"category": "external",
"summary": "SUSE Bug 1051906 for CVE-2017-8890",
"url": "https://bugzilla.suse.com/1051906"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-8890",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "important"
}
],
"title": "CVE-2017-8890"
},
{
"cve": "CVE-2017-8924",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-8924"
}
],
"notes": [
{
"category": "general",
"text": "The edge_bulk_in_callback function in drivers/usb/serial/io_ti.c in the Linux kernel before 4.10.4 allows local users to obtain sensitive information (in the dmesg ringbuffer and syslog) from uninitialized kernel memory by using a crafted USB device (posing as an io_ti USB serial device) to trigger an integer underflow.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-8924",
"url": "https://www.suse.com/security/cve/CVE-2017-8924"
},
{
"category": "external",
"summary": "SUSE Bug 1037182 for CVE-2017-8924",
"url": "https://bugzilla.suse.com/1037182"
},
{
"category": "external",
"summary": "SUSE Bug 1038981 for CVE-2017-8924",
"url": "https://bugzilla.suse.com/1038981"
},
{
"category": "external",
"summary": "SUSE Bug 1038982 for CVE-2017-8924",
"url": "https://bugzilla.suse.com/1038982"
},
{
"category": "external",
"summary": "SUSE Bug 870618 for CVE-2017-8924",
"url": "https://bugzilla.suse.com/870618"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "low"
}
],
"title": "CVE-2017-8924"
},
{
"cve": "CVE-2017-8925",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-8925"
}
],
"notes": [
{
"category": "general",
"text": "The omninet_open function in drivers/usb/serial/omninet.c in the Linux kernel before 4.10.4 allows local users to cause a denial of service (tty exhaustion) by leveraging reference count mishandling.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-8925",
"url": "https://www.suse.com/security/cve/CVE-2017-8925"
},
{
"category": "external",
"summary": "SUSE Bug 1037183 for CVE-2017-8925",
"url": "https://bugzilla.suse.com/1037183"
},
{
"category": "external",
"summary": "SUSE Bug 1038981 for CVE-2017-8925",
"url": "https://bugzilla.suse.com/1038981"
},
{
"category": "external",
"summary": "SUSE Bug 1038982 for CVE-2017-8925",
"url": "https://bugzilla.suse.com/1038982"
},
{
"category": "external",
"summary": "SUSE Bug 870618 for CVE-2017-8925",
"url": "https://bugzilla.suse.com/870618"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "low"
}
],
"title": "CVE-2017-8925"
},
{
"cve": "CVE-2017-9074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-9074"
}
],
"notes": [
{
"category": "general",
"text": "The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read and BUG) or possibly have unspecified other impact via crafted socket and send system calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-9074",
"url": "https://www.suse.com/security/cve/CVE-2017-9074"
},
{
"category": "external",
"summary": "SUSE Bug 1039882 for CVE-2017-9074",
"url": "https://bugzilla.suse.com/1039882"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-9074",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "moderate"
}
],
"title": "CVE-2017-9074"
},
{
"cve": "CVE-2017-9075",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-9075"
}
],
"notes": [
{
"category": "general",
"text": "The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-9075",
"url": "https://www.suse.com/security/cve/CVE-2017-9075"
},
{
"category": "external",
"summary": "SUSE Bug 1038544 for CVE-2017-9075",
"url": "https://bugzilla.suse.com/1038544"
},
{
"category": "external",
"summary": "SUSE Bug 1039883 for CVE-2017-9075",
"url": "https://bugzilla.suse.com/1039883"
},
{
"category": "external",
"summary": "SUSE Bug 1051906 for CVE-2017-9075",
"url": "https://bugzilla.suse.com/1051906"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-9075",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "moderate"
}
],
"title": "CVE-2017-9075"
},
{
"cve": "CVE-2017-9076",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-9076"
}
],
"notes": [
{
"category": "general",
"text": "The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-9076",
"url": "https://www.suse.com/security/cve/CVE-2017-9076"
},
{
"category": "external",
"summary": "SUSE Bug 1038544 for CVE-2017-9076",
"url": "https://bugzilla.suse.com/1038544"
},
{
"category": "external",
"summary": "SUSE Bug 1039885 for CVE-2017-9076",
"url": "https://bugzilla.suse.com/1039885"
},
{
"category": "external",
"summary": "SUSE Bug 1040069 for CVE-2017-9076",
"url": "https://bugzilla.suse.com/1040069"
},
{
"category": "external",
"summary": "SUSE Bug 1051906 for CVE-2017-9076",
"url": "https://bugzilla.suse.com/1051906"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-9076",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "moderate"
}
],
"title": "CVE-2017-9076"
},
{
"cve": "CVE-2017-9077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-9077"
}
],
"notes": [
{
"category": "general",
"text": "The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-9077",
"url": "https://www.suse.com/security/cve/CVE-2017-9077"
},
{
"category": "external",
"summary": "SUSE Bug 1038544 for CVE-2017-9077",
"url": "https://bugzilla.suse.com/1038544"
},
{
"category": "external",
"summary": "SUSE Bug 1040069 for CVE-2017-9077",
"url": "https://bugzilla.suse.com/1040069"
},
{
"category": "external",
"summary": "SUSE Bug 1042364 for CVE-2017-9077",
"url": "https://bugzilla.suse.com/1042364"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-9077",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "moderate"
}
],
"title": "CVE-2017-9077"
},
{
"cve": "CVE-2017-9242",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-9242"
}
],
"notes": [
{
"category": "general",
"text": "The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of service (system crash) via crafted system calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-9242",
"url": "https://www.suse.com/security/cve/CVE-2017-9242"
},
{
"category": "external",
"summary": "SUSE Bug 1041431 for CVE-2017-9242",
"url": "https://bugzilla.suse.com/1041431"
},
{
"category": "external",
"summary": "SUSE Bug 1042892 for CVE-2017-9242",
"url": "https://bugzilla.suse.com/1042892"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.101.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.101.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-default-1-8.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_101-xen-1-8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-11-02T13:02:36Z",
"details": "important"
}
],
"title": "CVE-2017-9242"
}
]
}
GSD-2017-8106
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-8106",
"description": "The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer.",
"id": "GSD-2017-8106",
"references": [
"https://www.suse.com/security/cve/CVE-2017-8106.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-8106"
],
"details": "The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer.",
"id": "GSD-2017-8106",
"modified": "2023-12-13T01:21:09.170377Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-8106",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.kernel.org/show_bug.cgi?id=195167",
"refsource": "MISC",
"url": "https://bugzilla.kernel.org/show_bug.cgi?id=195167"
},
{
"name": "https://launchpad.net/bugs/1678676",
"refsource": "MISC",
"url": "https://launchpad.net/bugs/1678676"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.14:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.23:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.25:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.27:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.29:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.36:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.38:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.45:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.47:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.52:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.54:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.9:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.10:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.12:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.14.67:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.14.68:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.26:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.40:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.41:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.42:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.43:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.56:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.57:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.58:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.59:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.18:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.19:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.20:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.21:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.34:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.35:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.48:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.49:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.50:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.51:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.13:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.15:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.17:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.22:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.24:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.28:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.30:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.37:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.39:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.44:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.46:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.53:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:3.12.55:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-8106"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-476"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://launchpad.net/bugs/1678676",
"refsource": "MISC",
"tags": [
"Issue Tracking"
],
"url": "https://launchpad.net/bugs/1678676"
},
{
"name": "https://bugzilla.kernel.org/show_bug.cgi?id=195167",
"refsource": "MISC",
"tags": [
"Issue Tracking"
],
"url": "https://bugzilla.kernel.org/show_bug.cgi?id=195167"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6
}
},
"lastModifiedDate": "2017-05-05T12:50Z",
"publishedDate": "2017-04-24T23:59Z"
}
}
}
CNVD-2017-06741
Vulnerability from cnvd - Published: 2017-05-17
VLAI Severity ?
Title
Linux kernel拒绝服务漏洞(CNVD-2017-06741)
Description
Linux kernel是美国Linux基金会发布的操作系统Linux所使用的内核。
Linux内核3.12至3.15中的arch/x86/kvm/vmx.c中的handle_invept函数存在拒绝服务漏洞,允许特权的KVM客户机操作系统的用户通过单一上下文INVEPT指令导致拒绝服务(NULL指针取消引用和主机操作系统崩溃)NULL EPT指针。
Severity
中
Patch Name
Linux kernel拒绝服务漏洞(CNVD-2017-06741)的补丁
Patch Description
Linux kernel是美国Linux基金会发布的操作系统Linux所使用的内核。
Linux内核3.12至3.15中的arch/x86/kvm/vmx.c中的handle_invept函数存在拒绝服务漏洞,允许特权的KVM客户机操作系统的用户通过单一上下文INVEPT指令导致拒绝服务(NULL指针取消引用和主机操作系统崩溃)NULL EPT指针。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接: https://bugzilla.kernel.org/show_bug.cgi?id=195167
Reference
https://launchpad.net/bugs/1678676
Impacted products
| Name | Linux kernel 3.12-3.15 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2017-8106",
"cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8106"
}
},
"description": "Linux kernel\u662f\u7f8e\u56fdLinux\u57fa\u91d1\u4f1a\u53d1\u5e03\u7684\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\r\n\r\nLinux\u5185\u68383.12\u81f33.15\u4e2d\u7684arch/x86/kvm/vmx.c\u4e2d\u7684handle_invept\u51fd\u6570\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u5141\u8bb8\u7279\u6743\u7684KVM\u5ba2\u6237\u673a\u64cd\u4f5c\u7cfb\u7edf\u7684\u7528\u6237\u901a\u8fc7\u5355\u4e00\u4e0a\u4e0b\u6587INVEPT\u6307\u4ee4\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\uff08NULL\u6307\u9488\u53d6\u6d88\u5f15\u7528\u548c\u4e3b\u673a\u64cd\u4f5c\u7cfb\u7edf\u5d29\u6e83\uff09NULL EPT\u6307\u9488\u3002",
"discovererName": "minoura makoto",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6b64\u5b89\u5168\u95ee\u9898\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://bugzilla.kernel.org/show_bug.cgi?id=195167",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2017-06741",
"openTime": "2017-05-17",
"patchDescription": "Linux kernel\u662f\u7f8e\u56fdLinux\u57fa\u91d1\u4f1a\u53d1\u5e03\u7684\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\r\n\r\nLinux\u5185\u68383.12\u81f33.15\u4e2d\u7684arch/x86/kvm/vmx.c\u4e2d\u7684handle_invept\u51fd\u6570\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u5141\u8bb8\u7279\u6743\u7684KVM\u5ba2\u6237\u673a\u64cd\u4f5c\u7cfb\u7edf\u7684\u7528\u6237\u901a\u8fc7\u5355\u4e00\u4e0a\u4e0b\u6587INVEPT\u6307\u4ee4\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\uff08NULL\u6307\u9488\u53d6\u6d88\u5f15\u7528\u548c\u4e3b\u673a\u64cd\u4f5c\u7cfb\u7edf\u5d29\u6e83\uff09NULL EPT\u6307\u9488\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Linux kernel\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2017-06741\uff09\u7684\u8865\u4e01",
"products": {
"product": "Linux kernel 3.12-3.15"
},
"referenceLink": "https://launchpad.net/bugs/1678676",
"serverity": "\u4e2d",
"submitTime": "2017-04-26",
"title": "Linux kernel\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2017-06741\uff09"
}
BDU:2017-01145
Vulnerability from fstec - Published: 25.04.2017
VLAI Severity ?
Title
Уязвимость операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Description
Уязвимость функции handle invept в arch/x86/kvm/vmx.c операционной системы Linux связана с ошибками разыменования указателей. Эксплуатация уязвимости может позволить нарушителю, действующему локально, вызвать отказ в обслуживании (разыменование нулевого указателя) с помощью одно контекстной INVEPT инструкции с нулевым EPT указателем
Severity ?
Vendor
Сообщество свободного программного обеспечения
Software Name
Linux
Software Version
от 3.12 до 3.15 включительно (Linux)
Possible Mitigations
Использование рекомендаций:
https://bugzilla.kernel.org/show_bug.cgi?id=195167
https://launchpad.net/bugs/1678676
Reference
https://bugzilla.kernel.org/show_bug.cgi?id=195167
https://launchpad.net/bugs/1678676
CWE
CWE-476
{
"CVSS 2.0": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"CVSS 3.0": null,
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u043e\u0442 3.12 \u0434\u043e 3.15 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e (Linux)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttps://bugzilla.kernel.org/show_bug.cgi?id=195167\nhttps://launchpad.net/bugs/1678676",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "25.04.2017",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "23.03.2021",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "15.05.2017",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2017-01145",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2017-8106",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Linux",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": null,
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u0420\u0430\u0437\u044b\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f NULL (CWE-476)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0444\u0443\u043d\u043a\u0446\u0438\u0438 handle invept \u0432 arch/x86/kvm/vmx.c \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b Linux \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438 \u0440\u0430\u0437\u044b\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0435\u0439. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (\u0440\u0430\u0437\u044b\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044f) \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043e\u0434\u043d\u043e \u043a\u043e\u043d\u0442\u0435\u043a\u0441\u0442\u043d\u043e\u0439 INVEPT \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0438 \u0441 \u043d\u0443\u043b\u0435\u0432\u044b\u043c EPT \u0443\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0435\u043c",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": "-",
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://bugzilla.kernel.org/show_bug.cgi?id=195167\nhttps://launchpad.net/bugs/1678676",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c",
"\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-476",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 4,9)"
}
GHSA-XV97-PM64-W44M
Vulnerability from github – Published: 2022-05-17 02:46 – Updated: 2022-05-17 02:46
VLAI?
Details
The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer.
Severity ?
5.5 (Medium)
{
"affected": [],
"aliases": [
"CVE-2017-8106"
],
"database_specific": {
"cwe_ids": [
"CWE-476"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-04-24T23:59:00Z",
"severity": "MODERATE"
},
"details": "The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer.",
"id": "GHSA-xv97-pm64-w44m",
"modified": "2022-05-17T02:46:59Z",
"published": "2022-05-17T02:46:59Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-8106"
},
{
"type": "WEB",
"url": "https://bugzilla.kernel.org/show_bug.cgi?id=195167"
},
{
"type": "WEB",
"url": "https://launchpad.net/bugs/1678676"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…