Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-17182 (GCVE-0-2018-17182)
Vulnerability from cvelistv5 – Published: 2018-09-19 09:00 – Updated: 2024-08-05 10:39
VLAI
EPSS
Summary
An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
16 references
Date Public
2018-09-19 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T10:39:59.702Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-3776-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3776-1/"
},
{
"name": "USN-3776-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3776-2/"
},
{
"name": "USN-3777-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3777-1/"
},
{
"name": "[debian-lts-announce] 20181003 [SECURITY] [DLA 1531-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190204-0001/"
},
{
"name": "RHSA-2018:3656",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3656"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/7a9cdebdcc17e426fb5287e4a82db1dfe86339b2"
},
{
"name": "DSA-4308",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2018/dsa-4308"
},
{
"name": "105417",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105417"
},
{
"name": "45497",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/45497/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.openwall.com/lists/oss-security/2018/09/18/4"
},
{
"name": "1041748",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041748"
},
{
"name": "USN-3777-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3777-2/"
},
{
"name": "106503",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106503"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7a9cdebdcc17e426fb5287e4a82db1dfe86339b2"
},
{
"name": "USN-3777-3",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3777-3/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-09-19T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-02-05T10:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "USN-3776-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3776-1/"
},
{
"name": "USN-3776-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3776-2/"
},
{
"name": "USN-3777-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3777-1/"
},
{
"name": "[debian-lts-announce] 20181003 [SECURITY] [DLA 1531-1] linux-4.9 security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190204-0001/"
},
{
"name": "RHSA-2018:3656",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3656"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/torvalds/linux/commit/7a9cdebdcc17e426fb5287e4a82db1dfe86339b2"
},
{
"name": "DSA-4308",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2018/dsa-4308"
},
{
"name": "105417",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105417"
},
{
"name": "45497",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/45497/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.openwall.com/lists/oss-security/2018/09/18/4"
},
{
"name": "1041748",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041748"
},
{
"name": "USN-3777-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3777-2/"
},
{
"name": "106503",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106503"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7a9cdebdcc17e426fb5287e4a82db1dfe86339b2"
},
{
"name": "USN-3777-3",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3777-3/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-17182",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-3776-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3776-1/"
},
{
"name": "USN-3776-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3776-2/"
},
{
"name": "USN-3777-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3777-1/"
},
{
"name": "[debian-lts-announce] 20181003 [SECURITY] [DLA 1531-1] linux-4.9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190204-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190204-0001/"
},
{
"name": "RHSA-2018:3656",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3656"
},
{
"name": "https://github.com/torvalds/linux/commit/7a9cdebdcc17e426fb5287e4a82db1dfe86339b2",
"refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/7a9cdebdcc17e426fb5287e4a82db1dfe86339b2"
},
{
"name": "DSA-4308",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4308"
},
{
"name": "105417",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105417"
},
{
"name": "45497",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45497/"
},
{
"name": "https://www.openwall.com/lists/oss-security/2018/09/18/4",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2018/09/18/4"
},
{
"name": "1041748",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041748"
},
{
"name": "USN-3777-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3777-2/"
},
{
"name": "106503",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106503"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7a9cdebdcc17e426fb5287e4a82db1dfe86339b2",
"refsource": "MISC",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7a9cdebdcc17e426fb5287e4a82db1dfe86339b2"
},
{
"name": "USN-3777-3",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3777-3/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-17182",
"datePublished": "2018-09-19T09:00:00.000Z",
"dateReserved": "2018-09-19T00:00:00.000Z",
"dateUpdated": "2024-08-05T10:39:59.702Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2018-17182",
"date": "2026-05-31",
"epss": "0.08509",
"percentile": "0.92505"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.16\", \"versionEndExcluding\": \"3.16.58\", \"matchCriteriaId\": \"ACCD57BD-57A5-4BEA-A884-2A21E7B92EBA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.17\", \"versionEndExcluding\": \"3.18.123\", \"matchCriteriaId\": \"D8AB84BB-69BD-43DB-9CE3-0381B1FC862C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.19\", \"versionEndExcluding\": \"4.4.157\", \"matchCriteriaId\": \"5DE38E54-E821-4DB3-86DA-E6DCDD4361E0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.5\", \"versionEndExcluding\": \"4.9.128\", \"matchCriteriaId\": \"139B519B-2681-4096-A1CE-2CF58E0CE274\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.10\", \"versionEndExcluding\": \"4.14.71\", \"matchCriteriaId\": \"E8C1C6C9-9654-4BB7-9908-EFC7BA9040E8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.15\", \"versionEndExcluding\": \"4.18.9\", \"matchCriteriaId\": \"8F765B15-BD3A-4C48-984C-05084867A943\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"B5A6F2F3-4894-4392-8296-3B8DD2679084\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:active_iq_performance_analytics_services:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"83077160-BB98-408B-81F0-8EF9E566BF28\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"85DF4B3F-4BBC-42B7-B729-096934523D63\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.\"}, {\"lang\": \"es\", \"value\": \"Se ha descubierto un problema en el kernel de Linux hasta la versi\\u00f3n 4.18.8. La funci\\u00f3n vmacache_flush_all en mm/vmacache.c manipula incorrectamente los desbordamientos de n\\u00fameros de secuencias. Un atacante puede desencadenar un uso de memoria previamente liberada (y posiblemente la obtenci\\u00f3n de privilegios) mediante determinadas operaciones thread creation, map, unmap, invalidation y dereference.\"}]",
"id": "CVE-2018-17182",
"lastModified": "2024-11-21T03:54:02.213",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 3.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2018-09-19T09:29:00.620",
"references": "[{\"url\": \"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7a9cdebdcc17e426fb5287e4a82db1dfe86339b2\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/105417\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/106503\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1041748\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:3656\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/torvalds/linux/commit/7a9cdebdcc17e426fb5287e4a82db1dfe86339b2\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20190204-0001/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3776-1/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3776-2/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3777-1/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3777-2/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3777-3/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4308\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.exploit-db.com/exploits/45497/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2018/09/18/4\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7a9cdebdcc17e426fb5287e4a82db1dfe86339b2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/105417\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securityfocus.com/bid/106503\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1041748\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2018:3656\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/torvalds/linux/commit/7a9cdebdcc17e426fb5287e4a82db1dfe86339b2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20190204-0001/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3776-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3776-2/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3777-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3777-2/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3777-3/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.debian.org/security/2018/dsa-4308\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.exploit-db.com/exploits/45497/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2018/09/18/4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-416\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2018-17182\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-09-19T09:29:00.620\",\"lastModified\":\"2024-11-21T03:54:02.213\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.\"},{\"lang\":\"es\",\"value\":\"Se ha descubierto un problema en el kernel de Linux hasta la versi\u00f3n 4.18.8. La funci\u00f3n vmacache_flush_all en mm/vmacache.c manipula incorrectamente los desbordamientos de n\u00fameros de secuencias. Un atacante puede desencadenar un uso de memoria previamente liberada (y posiblemente la obtenci\u00f3n de privilegios) mediante determinadas operaciones thread creation, map, unmap, invalidation y dereference.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-416\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.16\",\"versionEndExcluding\":\"3.16.58\",\"matchCriteriaId\":\"ACCD57BD-57A5-4BEA-A884-2A21E7B92EBA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.17\",\"versionEndExcluding\":\"3.18.123\",\"matchCriteriaId\":\"D8AB84BB-69BD-43DB-9CE3-0381B1FC862C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.19\",\"versionEndExcluding\":\"4.4.157\",\"matchCriteriaId\":\"5DE38E54-E821-4DB3-86DA-E6DCDD4361E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.5\",\"versionEndExcluding\":\"4.9.128\",\"matchCriteriaId\":\"139B519B-2681-4096-A1CE-2CF58E0CE274\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.10\",\"versionEndExcluding\":\"4.14.71\",\"matchCriteriaId\":\"E8C1C6C9-9654-4BB7-9908-EFC7BA9040E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.15\",\"versionEndExcluding\":\"4.18.9\",\"matchCriteriaId\":\"8F765B15-BD3A-4C48-984C-05084867A943\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_performance_analytics_services:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83077160-BB98-408B-81F0-8EF9E566BF28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85DF4B3F-4BBC-42B7-B729-096934523D63\"}]}]}],\"references\":[{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7a9cdebdcc17e426fb5287e4a82db1dfe86339b2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/105417\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/106503\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1041748\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:3656\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/7a9cdebdcc17e426fb5287e4a82db1dfe86339b2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190204-0001/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3776-1/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3776-2/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3777-1/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3777-2/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3777-3/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4308\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/45497/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2018/09/18/4\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7a9cdebdcc17e426fb5287e4a82db1dfe86339b2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/105417\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/106503\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1041748\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:3656\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/7a9cdebdcc17e426fb5287e4a82db1dfe86339b2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190204-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3776-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3776-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3777-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3777-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3777-3/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2018/dsa-4308\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.exploit-db.com/exploits/45497/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2018/09/18/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]}]}}"
}
}
FKIE_CVE-2018-17182
Vulnerability from fkie_nvd - Published: 2018-09-19 09:29 - Updated: 2024-11-21 03:54
Severity
Summary
An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| debian | debian_linux | 8.0 | |
| debian | debian_linux | 9.0 | |
| netapp | active_iq_performance_analytics_services | - | |
| netapp | element_software | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "ACCD57BD-57A5-4BEA-A884-2A21E7B92EBA",
"versionEndExcluding": "3.16.58",
"versionStartIncluding": "3.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8AB84BB-69BD-43DB-9CE3-0381B1FC862C",
"versionEndExcluding": "3.18.123",
"versionStartIncluding": "3.17",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5DE38E54-E821-4DB3-86DA-E6DCDD4361E0",
"versionEndExcluding": "4.4.157",
"versionStartIncluding": "3.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "139B519B-2681-4096-A1CE-2CF58E0CE274",
"versionEndExcluding": "4.9.128",
"versionStartIncluding": "4.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E8C1C6C9-9654-4BB7-9908-EFC7BA9040E8",
"versionEndExcluding": "4.14.71",
"versionStartIncluding": "4.10",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F765B15-BD3A-4C48-984C-05084867A943",
"versionEndExcluding": "4.18.9",
"versionStartIncluding": "4.15",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:active_iq_performance_analytics_services:-:*:*:*:*:*:*:*",
"matchCriteriaId": "83077160-BB98-408B-81F0-8EF9E566BF28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85DF4B3F-4BBC-42B7-B729-096934523D63",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations."
},
{
"lang": "es",
"value": "Se ha descubierto un problema en el kernel de Linux hasta la versi\u00f3n 4.18.8. La funci\u00f3n vmacache_flush_all en mm/vmacache.c manipula incorrectamente los desbordamientos de n\u00fameros de secuencias. Un atacante puede desencadenar un uso de memoria previamente liberada (y posiblemente la obtenci\u00f3n de privilegios) mediante determinadas operaciones thread creation, map, unmap, invalidation y dereference."
}
],
"id": "CVE-2018-17182",
"lastModified": "2024-11-21T03:54:02.213",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2018-09-19T09:29:00.620",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7a9cdebdcc17e426fb5287e4a82db1dfe86339b2"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105417"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106503"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041748"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3656"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/torvalds/linux/commit/7a9cdebdcc17e426fb5287e4a82db1dfe86339b2"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190204-0001/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3776-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3776-2/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3777-1/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3777-2/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3777-3/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4308"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/45497/"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2018/09/18/4"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7a9cdebdcc17e426fb5287e4a82db1dfe86339b2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105417"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106503"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041748"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3656"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/torvalds/linux/commit/7a9cdebdcc17e426fb5287e4a82db1dfe86339b2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190204-0001/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3776-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3776-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3777-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3777-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3777-3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4308"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/45497/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2018/09/18/4"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-V788-JMXR-WGJ9
Vulnerability from github – Published: 2022-05-14 01:28 – Updated: 2022-05-14 01:28
VLAI
Details
An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.
Severity
7.8 (High)
{
"affected": [],
"aliases": [
"CVE-2018-17182"
],
"database_specific": {
"cwe_ids": [
"CWE-416"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-09-19T09:29:00Z",
"severity": "HIGH"
},
"details": "An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.",
"id": "GHSA-v788-jmxr-wgj9",
"modified": "2022-05-14T01:28:51Z",
"published": "2022-05-14T01:28:51Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17182"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/7a9cdebdcc17e426fb5287e4a82db1dfe86339b2"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:3656"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20190204-0001"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3776-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3776-2"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3777-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3777-2"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3777-3"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2018/dsa-4308"
},
{
"type": "WEB",
"url": "https://www.exploit-db.com/exploits/45497"
},
{
"type": "WEB",
"url": "https://www.openwall.com/lists/oss-security/2018/09/18/4"
},
{
"type": "WEB",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7a9cdebdcc17e426fb5287e4a82db1dfe86339b2"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/105417"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/106503"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1041748"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2018-17182
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-17182",
"description": "An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.",
"id": "GSD-2018-17182",
"references": [
"https://www.suse.com/security/cve/CVE-2018-17182.html",
"https://www.debian.org/security/2018/dsa-4308",
"https://access.redhat.com/errata/RHSA-2018:3656",
"https://ubuntu.com/security/CVE-2018-17182",
"https://advisories.mageia.org/CVE-2018-17182.html",
"https://security.archlinux.org/CVE-2018-17182",
"https://alas.aws.amazon.com/cve/html/CVE-2018-17182.html",
"https://linux.oracle.com/cve/CVE-2018-17182.html",
"https://packetstormsecurity.com/files/cve/CVE-2018-17182"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-17182"
],
"details": "An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.",
"id": "GSD-2018-17182",
"modified": "2023-12-13T01:22:30.913286Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-17182",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-3776-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3776-1/"
},
{
"name": "USN-3776-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3776-2/"
},
{
"name": "USN-3777-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3777-1/"
},
{
"name": "[debian-lts-announce] 20181003 [SECURITY] [DLA 1531-1] linux-4.9 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190204-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190204-0001/"
},
{
"name": "RHSA-2018:3656",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:3656"
},
{
"name": "https://github.com/torvalds/linux/commit/7a9cdebdcc17e426fb5287e4a82db1dfe86339b2",
"refsource": "MISC",
"url": "https://github.com/torvalds/linux/commit/7a9cdebdcc17e426fb5287e4a82db1dfe86339b2"
},
{
"name": "DSA-4308",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2018/dsa-4308"
},
{
"name": "105417",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105417"
},
{
"name": "45497",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/45497/"
},
{
"name": "https://www.openwall.com/lists/oss-security/2018/09/18/4",
"refsource": "MISC",
"url": "https://www.openwall.com/lists/oss-security/2018/09/18/4"
},
{
"name": "1041748",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041748"
},
{
"name": "USN-3777-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3777-2/"
},
{
"name": "106503",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106503"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7a9cdebdcc17e426fb5287e4a82db1dfe86339b2",
"refsource": "MISC",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7a9cdebdcc17e426fb5287e4a82db1dfe86339b2"
},
{
"name": "USN-3777-3",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3777-3/"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.16.58",
"versionStartIncluding": "3.16",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.18.123",
"versionStartIncluding": "3.17",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.4.157",
"versionStartIncluding": "3.19",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.9.128",
"versionStartIncluding": "4.5",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.14.71",
"versionStartIncluding": "4.10",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.18.9",
"versionStartIncluding": "4.15",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:active_iq_performance_analytics_services:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-17182"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.openwall.com/lists/oss-security/2018/09/18/4",
"refsource": "MISC",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://www.openwall.com/lists/oss-security/2018/09/18/4"
},
{
"name": "https://github.com/torvalds/linux/commit/7a9cdebdcc17e426fb5287e4a82db1dfe86339b2",
"refsource": "MISC",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://github.com/torvalds/linux/commit/7a9cdebdcc17e426fb5287e4a82db1dfe86339b2"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7a9cdebdcc17e426fb5287e4a82db1dfe86339b2",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7a9cdebdcc17e426fb5287e4a82db1dfe86339b2"
},
{
"name": "45497",
"refsource": "EXPLOIT-DB",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/45497/"
},
{
"name": "DSA-4308",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2018/dsa-4308"
},
{
"name": "USN-3777-2",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3777-2/"
},
{
"name": "USN-3777-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3777-1/"
},
{
"name": "USN-3776-2",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3776-2/"
},
{
"name": "USN-3776-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3776-1/"
},
{
"name": "1041748",
"refsource": "SECTRACK",
"tags": [
"Patch",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1041748"
},
{
"name": "105417",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/105417"
},
{
"name": "[debian-lts-announce] 20181003 [SECURITY] [DLA 1531-1] linux-4.9 security update",
"refsource": "MLIST",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html"
},
{
"name": "USN-3777-3",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/3777-3/"
},
{
"name": "RHSA-2018:3656",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:3656"
},
{
"name": "106503",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106503"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190204-0001/",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190204-0001/"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2023-02-24T18:33Z",
"publishedDate": "2018-09-19T09:29Z"
}
}
}
RHSA-2018:3656
Vulnerability from csaf_redhat - Published: 2018-11-26 23:16 - Updated: 2025-11-21 18:06Summary
Red Hat Security Advisory: kernel-alt security and bug fix update
Severity
Important
Notes
Topic: An update for kernel-alt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The kernel-alt packages provide the Linux kernel version 4.x.
Security Fix(es):
* kernel: Use-after-free in the vmacache_flush_all function resulting in a possible privilege escalation (CVE-2018-17182)
* kernel: Privilege escalation on arm64 via KVM hypervisor (CVE-2018-18021)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
These updated kernel packages include also numerous bug fixes. Space precludes documenting all of the bug fixes in this advisory. See the descriptions in the related Knowledge Article: https://access.redhat.com/articles/3714391
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A security flaw was discovered in the Linux kernel. The vmacache_flush_all() function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.
7.0 (High)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
Threats
Impact
Important
A vulnerability was discovered in the Linux kernel that allows an attacker to escalate privileges with using a 64-bit ARM architecture. A local attacker with permission to create KVM-based virtual machines can both panic the hypervisor by triggering an illegal exception return (resulting in a DoS) and to redirect execution elsewhere within the hypervisor with full register control, instead of causing a return to the guest.
6.7 (Medium)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
Threats
Impact
Important
References
14 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-alt is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-alt packages provide the Linux kernel version 4.x.\n\nSecurity Fix(es):\n\n* kernel: Use-after-free in the vmacache_flush_all function resulting in a possible privilege escalation (CVE-2018-17182)\n\n* kernel: Privilege escalation on arm64 via KVM hypervisor (CVE-2018-18021)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\nThese updated kernel packages include also numerous bug fixes. Space precludes documenting all of the bug fixes in this advisory. See the descriptions in the related Knowledge Article: https://access.redhat.com/articles/3714391",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:3656",
"url": "https://access.redhat.com/errata/RHSA-2018:3656"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/3714391",
"url": "https://access.redhat.com/articles/3714391"
},
{
"category": "external",
"summary": "1631205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1631205"
},
{
"category": "external",
"summary": "1635475",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1635475"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_3656.json"
}
],
"title": "Red Hat Security Advisory: kernel-alt security and bug fix update",
"tracking": {
"current_release_date": "2025-11-21T18:06:59+00:00",
"generator": {
"date": "2025-11-21T18:06:59+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2018:3656",
"initial_release_date": "2018-11-26T23:16:18+00:00",
"revision_history": [
{
"date": "2018-11-26T23:16:18+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-11-26T23:16:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:06:59+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-perf-debuginfo@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-ppc64le@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs-devel@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-perf@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-headers@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-bootwrapper@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "perf-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "perf-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"product": {
"name": "kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"product_id": "kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-doc@4.14.0-115.2.2.el7a?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"product": {
"name": "kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"product_id": "kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-abi-whitelists@4.14.0-115.2.2.el7a?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-alt-0:4.14.0-115.2.2.el7a.src",
"product": {
"name": "kernel-alt-0:4.14.0-115.2.2.el7a.src",
"product_id": "kernel-alt-0:4.14.0-115.2.2.el7a.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-alt@4.14.0-115.2.2.el7a?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch"
},
"product_reference": "kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-alt-0:4.14.0-115.2.2.el7a.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src"
},
"product_reference": "kernel-alt-0:4.14.0-115.2.2.el7a.src",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:4.14.0-115.2.2.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch"
},
"product_reference": "kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "perf-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch"
},
"product_reference": "kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-alt-0:4.14.0-115.2.2.el7a.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src"
},
"product_reference": "kernel-alt-0:4.14.0-115.2.2.el7a.src",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:4.14.0-115.2.2.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch"
},
"product_reference": "kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "perf-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-17182",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2018-09-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1631205"
}
],
"notes": [
{
"category": "description",
"text": "A security flaw was discovered in the Linux kernel. The vmacache_flush_all() function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Use-after-free in the vmacache_flush_all function resulting in a possible privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-17182"
},
{
"category": "external",
"summary": "RHBZ#1631205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1631205"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-17182",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17182"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-17182",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17182"
}
],
"release_date": "2018-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-11-26T23:16:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:3656"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: Use-after-free in the vmacache_flush_all function resulting in a possible privilege escalation"
},
{
"cve": "CVE-2018-18021",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2018-10-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1635475"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in the Linux kernel that allows an attacker to escalate privileges with using a 64-bit ARM architecture. A local attacker with permission to create KVM-based virtual machines can both panic the hypervisor by triggering an illegal exception return (resulting in a DoS) and to redirect execution elsewhere within the hypervisor with full register control, instead of causing a return to the guest.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Privilege escalation on arm64 via KVM hypervisor",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-18021"
},
{
"category": "external",
"summary": "RHBZ#1635475",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1635475"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-18021",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18021"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-18021",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-18021"
}
],
"release_date": "2018-10-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-11-26T23:16:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:3656"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: Privilege escalation on arm64 via KVM hypervisor"
}
]
}
RHSA-2018_3656
Vulnerability from csaf_redhat - Published: 2018-11-26 23:16 - Updated: 2024-11-22 12:21Summary
Red Hat Security Advisory: kernel-alt security and bug fix update
Severity
Important
Notes
Topic: An update for kernel-alt is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The kernel-alt packages provide the Linux kernel version 4.x.
Security Fix(es):
* kernel: Use-after-free in the vmacache_flush_all function resulting in a possible privilege escalation (CVE-2018-17182)
* kernel: Privilege escalation on arm64 via KVM hypervisor (CVE-2018-18021)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
These updated kernel packages include also numerous bug fixes. Space precludes documenting all of the bug fixes in this advisory. See the descriptions in the related Knowledge Article: https://access.redhat.com/articles/3714391
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A security flaw was discovered in the Linux kernel. The vmacache_flush_all() function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.
7.0 (High)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
Threats
Impact
Important
A vulnerability was discovered in the Linux kernel that allows an attacker to escalate privileges with using a 64-bit ARM architecture. A local attacker with permission to create KVM-based virtual machines can both panic the hypervisor by triggering an illegal exception return (resulting in a DoS) and to redirect execution elsewhere within the hypervisor with full register control, instead of causing a return to the guest.
6.7 (Medium)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le | — |
Vendor Fix
fix
|
Threats
Impact
Important
References
14 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for kernel-alt is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The kernel-alt packages provide the Linux kernel version 4.x.\n\nSecurity Fix(es):\n\n* kernel: Use-after-free in the vmacache_flush_all function resulting in a possible privilege escalation (CVE-2018-17182)\n\n* kernel: Privilege escalation on arm64 via KVM hypervisor (CVE-2018-18021)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\nThese updated kernel packages include also numerous bug fixes. Space precludes documenting all of the bug fixes in this advisory. See the descriptions in the related Knowledge Article: https://access.redhat.com/articles/3714391",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:3656",
"url": "https://access.redhat.com/errata/RHSA-2018:3656"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/articles/3714391",
"url": "https://access.redhat.com/articles/3714391"
},
{
"category": "external",
"summary": "1631205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1631205"
},
{
"category": "external",
"summary": "1635475",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1635475"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_3656.json"
}
],
"title": "Red Hat Security Advisory: kernel-alt security and bug fix update",
"tracking": {
"current_release_date": "2024-11-22T12:21:15+00:00",
"generator": {
"date": "2024-11-22T12:21:15+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2018:3656",
"initial_release_date": "2018-11-26T23:16:18+00:00",
"revision_history": [
{
"date": "2018-11-26T23:16:18+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-11-26T23:16:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T12:21:15+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-perf-debuginfo@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-ppc64le@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs-devel@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-perf@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-headers@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-bootwrapper@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "perf-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "perf-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"product": {
"name": "kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"product_id": "kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@4.14.0-115.2.2.el7a?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"product": {
"name": "kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"product_id": "kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-doc@4.14.0-115.2.2.el7a?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"product": {
"name": "kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"product_id": "kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-abi-whitelists@4.14.0-115.2.2.el7a?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-alt-0:4.14.0-115.2.2.el7a.src",
"product": {
"name": "kernel-alt-0:4.14.0-115.2.2.el7a.src",
"product_id": "kernel-alt-0:4.14.0-115.2.2.el7a.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-alt@4.14.0-115.2.2.el7a?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch"
},
"product_reference": "kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-alt-0:4.14.0-115.2.2.el7a.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src"
},
"product_reference": "kernel-alt-0:4.14.0-115.2.2.el7a.src",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:4.14.0-115.2.2.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch"
},
"product_reference": "kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "perf-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7)",
"product_id": "7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch"
},
"product_reference": "kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-alt-0:4.14.0-115.2.2.el7a.src as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src"
},
"product_reference": "kernel-alt-0:4.14.0-115.2.2.el7a.src",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:4.14.0-115.2.2.el7a.noarch as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch"
},
"product_reference": "kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "perf-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le as a component of Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7)",
"product_id": "7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
},
"product_reference": "python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"relates_to_product_reference": "7Server-optional-RHELALT-7.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-17182",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2018-09-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1631205"
}
],
"notes": [
{
"category": "description",
"text": "A security flaw was discovered in the Linux kernel. The vmacache_flush_all() function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Use-after-free in the vmacache_flush_all function resulting in a possible privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-17182"
},
{
"category": "external",
"summary": "RHBZ#1631205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1631205"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-17182",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17182"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-17182",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-17182"
}
],
"release_date": "2018-09-13T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-11-26T23:16:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:3656"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: Use-after-free in the vmacache_flush_all function resulting in a possible privilege escalation"
},
{
"cve": "CVE-2018-18021",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2018-10-03T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1635475"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in the Linux kernel that allows an attacker to escalate privileges with using a 64-bit ARM architecture. A local attacker with permission to create KVM-based virtual machines can both panic the hypervisor by triggering an illegal exception return (resulting in a DoS) and to redirect execution elsewhere within the hypervisor with full register control, instead of causing a return to the guest.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kernel: Privilege escalation on arm64 via KVM hypervisor",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-18021"
},
{
"category": "external",
"summary": "RHBZ#1635475",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1635475"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-18021",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-18021"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-18021",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-18021"
}
],
"release_date": "2018-10-03T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-11-26T23:16:18+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nThe system must be rebooted for this update to take effect.",
"product_ids": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:3656"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"7Server-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src",
"7Server-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"7Server-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-abi-whitelists-0:4.14.0-115.2.2.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-alt-0:4.14.0-115.2.2.el7a.src",
"7Server-optional-RHELALT-7.6:kernel-bootwrapper-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debug-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-debuginfo-common-ppc64le-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-doc-0:4.14.0-115.2.2.el7a.noarch",
"7Server-optional-RHELALT-7.6:kernel-headers-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:kernel-tools-libs-devel-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-0:4.14.0-115.2.2.el7a.ppc64le",
"7Server-optional-RHELALT-7.6:python-perf-debuginfo-0:4.14.0-115.2.2.el7a.ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "kernel: Privilege escalation on arm64 via KVM hypervisor"
}
]
}
SUSE-SU-2018:3003-1
Vulnerability from csaf_suse - Published: 2018-10-04 12:01 - Updated: 2018-10-04 12:01Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.156 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-16597: Incorrect access checking in overlayfs mounts could have been
used by local attackers to modify or truncate files in the underlying
filesystem (bnc#1106512).
- CVE-2018-14613: Prevent invalid pointer dereference in io_ctl_map_page() when
mounting and operating a crafted btrfs image, caused by a lack of block group
item validation in check_leaf_item (bsc#1102896)
- CVE-2018-14617: Prevent NULL pointer dereference and panic in
hfsplus_lookup() when opening a file (that is purportedly a hard link) in an
hfs+ filesystem that has malformed catalog data, and is mounted read-only
without a metadata directory (bsc#1102870)
- CVE-2018-16276: Incorrect bounds checking in the yurex USB driver in
yurex_read allowed local attackers to use user access read/writes to crash the
kernel or potentially escalate privileges (bsc#1106095)
- CVE-2018-7757: Memory leak in the sas_smp_get_phy_events function in
drivers/scsi/libsas/sas_expander.c allowed local users to cause a denial of
service (memory consumption) via many read accesses to files in the
/sys/class/sas_phy directory, as demonstrated by the
/sys/class/sas_phy/phy-1:0:12/invalid_dword_count file (bnc#1084536)
- CVE-2018-7480: The blkcg_init_queue function allowed local users to cause a
denial of service (double free) or possibly have unspecified other impact by
triggering a creation failure (bsc#1082863).
- CVE-2018-17182: The vmacache_flush_all function in mm/vmacache.c
mishandled sequence number overflows. An attacker can trigger a
use-after-free (and possibly gain privileges) via certain thread creation,
map, unmap, invalidation, and dereference operations (bnc#1108399).
The following non-security bugs were fixed:
- asm/sections: add helpers to check for section data (bsc#1063026).
- ASoC: wm8994: Fix missing break in switch (bnc#1012382).
- block: bvec_nr_vecs() returns value for wrong slab (bsc#1082979).
- bpf: fix overflow in prog accounting (bsc#1012382).
- btrfs: Add checker for EXTENT_CSUM (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Add sanity check for EXTENT_DATA when reading out leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Check if item pointer overlaps with the item itself (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Check that each block group has corresponding chunk at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Introduce mount time chunk <-> dev extent mapping check (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Move leaf and node validation checker to tree-checker.c (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized (bnc#1012382).
- btrfs: replace: Reset on-disk dev stats value after replace (bnc#1012382).
- btrfs: scrub: Do not use inode page cache in scrub_handle_errored_block() (bsc#1108096).
- btrfs: tree-checker: Add checker for dir item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Detect invalid and empty essential trees (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Enhance btrfs_check_node output (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Enhance output for btrfs_check_leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Enhance output for check_csum_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Enhance output for check_extent_data_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Fix false panic for sanity test (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Replace root parameter with fs_info (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Verify block_group_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: use correct compare function of dirty_metadata_bytes (bnc#1012382).
- btrfs: Verify that every chunk has corresponding block group at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- cifs: check if SMB2 PDU size has been padded and suppress the warning (bnc#1012382).
- crypto: clarify licensing of OpenSSL asm code ().
- crypto: vmx - Remove overly verbose printk from AES XTS init (git-fixes).
- debugobjects: Make stack check warning more informative (bnc#1012382).
- dm kcopyd: avoid softlockup in run_complete_job (bnc#1012382).
- dm-mpath: do not try to access NULL rq (bsc#1110337).
- EDAC: Fix memleak in module init error path (bsc#1109441).
- EDAC, i7core: Fix memleaks and use-after-free on probe and remove (1109441).
- fat: validate ->i_start before using (bnc#1012382).
- Fixes: Commit cdbf92675fad ('mm: numa: avoid waiting on freed migrated pages') (bnc#1012382).
- Follow-up fix for patches.arch/01-jump_label-reduce-the-size-of-struct-static_key-kabi.patch (bsc#1108803).
- fork: do not copy inconsistent signal handler state to child (bnc#1012382).
- fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() (bnc#1012382).
- genirq: Delay incrementing interrupt count if it's disabled/pending (bnc#1012382).
- grow_cache: we still have a code which uses both __GFP_ZERO and constructors. The code seems to be correct and the warning does more harm than good so revert for the the meantime until we catch offenders. (bnc#1110297)
- hfsplus: do not return 0 when fill_super() failed (bnc#1012382).
- hfs: prevent crash on exit from failed search (bnc#1012382).
- ib_srp: Remove WARN_ON in srp_terminate_io() (bsc#1094562).
- ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() (bnc#1012382).
- irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP (bnc#1012382).
- irqchip/gic-v3: Add missing barrier to 32bit version of gic_read_iar() (bnc#1012382).
- kabi protect hnae_ae_ops (bsc#1107924).
- kbuild: make missing $DEPMOD a Warning instead of an Error (bnc#1012382).
- l2tp: cast l2tp traffic counter to unsigned (bsc#1099810).
- mei: me: allow runtime pm for platform with D0i3 (bnc#1012382).
- mfd: sm501: Set coherent_dma_mask when creating subdevices (bnc#1012382).
- mm/fadvise.c: fix signed overflow UBSAN complaint (bnc#1012382).
- net/9p: fix error path of p9_virtio_probe (bnc#1012382).
- net: bcmgenet: use MAC link status for fixed phy (bnc#1012382).
- net: ena: Eliminate duplicate barriers on weakly-ordered archs (bsc#1108240).
- net: ena: fix device destruction to gracefully free resources (bsc#1108240).
- net: ena: fix driver when PAGE_SIZE == 64kB (bsc#1108240).
- net: ena: fix incorrect usage of memory barriers (bsc#1108240).
- net: ena: fix missing calls to READ_ONCE (bsc#1108240).
- net: ena: fix missing lock during device destruction (bsc#1108240).
- net: ena: fix potential double ena_destroy_device() (bsc#1108240).
- net: ena: fix surprise unplug NULL dereference kernel crash (bsc#1108240).
- net: hns: add netif_carrier_off before change speed and duplex (bsc#1107924).
- net: hns: add the code for cleaning pkt in chip (bsc#1107924).
- nvme_fc: add 'nvme_discovery' sysfs attribute to fc transport device (bsc#1044189).
- nvmet: fixup crash on NULL device path (bsc#1082979).
- ovl: modify ovl_permission() to do checks on two inodes (bsc#1106512)
- ovl: proper cleanup of workdir (bnc#1012382).
- ovl: rename is_merge to is_lowest (bnc#1012382).
- PCI: mvebu: Fix I/O space end address calculation (bnc#1012382).
- platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 (bnc#1012382).
- powerpc/64: Do load of PACAKBASE in LOAD_HANDLER (bsc#1094244).
- powerpc/book3s: Fix MCE console messages for unrecoverable MCE (bsc#1094244).
- powerpc/fadump: cleanup crash memory ranges support (bsc#1103269).
- powerpc/fadump: re-register firmware-assisted dump if already registered (bsc#1108170, bsc#1108823).
- powerpc: Fix size calculation using resource_size() (bnc#1012382).
- powerpc/mce: Move 64-bit machine check code into mce.c (bsc#1094244).
- powerpc/perf/hv-24x7: Fix off-by-one error in request_buffer check (git-fixes).
- powerpc/powernv/ioda2: Reduce upper limit for DMA window size (bsc#1066223).
- powerpc/powernv: Rename machine_check_pSeries_early() to powernv (bsc#1094244).
- powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX (bnc#1012382).
- powerpc/pseries: Disable CPU hotplug across migrations (bsc#1066223).
- powerpc/pseries: Remove prrn_work workqueue (bsc#1102495, bsc#1109337).
- powerpc/pseries: Remove unneeded uses of dlpar work queue (bsc#1102495, bsc#1109337).
- powerpc/tm: Fix userspace r13 corruption (bsc#1109333).
- RDMA/rw: Fix rdma_rw_ctx_signature_init() kernel-doc header (bsc#1082979).
- reiserfs: change j_timestamp type to time64_t (bnc#1012382).
- Revert 'ARM: imx_v6_v7_defconfig: Select ULPI support' (bnc#1012382).
- s390/dasd: fix hanging offline processing due to canceled worker (bnc#1012382).
- s390/lib: use expoline for all bcr instructions (LTC#171029 bnc#1012382 bnc#1106934).
- sch_hhf: fix null pointer dereference on init failure (bnc#1012382).
- sch_htb: fix crash on init failure (bnc#1012382).
- sch_multiq: fix double free on init failure (bnc#1012382).
- sch_netem: avoid null pointer deref on init failure (bnc#1012382).
- sch_tbf: fix two null pointer dereferences on init failure (bnc#1012382).
- scripts: modpost: check memory allocation results (bnc#1012382).
- scsi: aic94xx: fix an error code in aic94xx_init() (bnc#1012382).
- scsi: ipr: System hung while dlpar adding primary ipr adapter back (bsc#1109336).
- scsi: qla2xxx: Add changes for devloss timeout in driver (bsc#1084427).
- scsi: qla2xxx: Add FC-NVMe abort processing (bsc#1084427).
- scsi: qla2xxx: Add longer window for chip reset (bsc#1094555).
- scsi: qla2xxx: Avoid double completion of abort command (bsc#1094555).
- scsi: qla2xxx: Cleanup code to improve FC-NVMe error handling (bsc#1084427).
- scsi: qla2xxx: Cleanup for N2N code (bsc#1094555).
- scsi: qla2xxx: correctly shift host byte (bsc#1094555).
- scsi: qla2xxx: Correct setting of SAM_STAT_CHECK_CONDITION (bsc#1094555).
- scsi: qla2xxx: Delete session for nport id change (bsc#1094555).
- scsi: qla2xxx: Fix Async GPN_FT for FCP and FC-NVMe scan (bsc#1084427).
- scsi: qla2xxx: Fix crash on qla2x00_mailbox_command (bsc#1094555).
- scsi: qla2xxx: Fix double free bug after firmware timeout (bsc#1094555).
- scsi: qla2xxx: Fix driver unload by shutting down chip (bsc#1094555).
- scsi: qla2xxx: fix error message on <qla2400 (bsc#1094555).
- scsi: qla2xxx: Fix FC-NVMe IO abort during driver reset (bsc#1084427).
- scsi: qla2xxx: Fix function argument descriptions (bsc#1094555).
- scsi: qla2xxx: Fix Inquiry command being dropped in Target mode (bsc#1094555).
- scsi: qla2xxx: Fix issue reported by static checker for qla2x00_els_dcmd2_sp_done() (bsc#1094555).
- scsi: qla2xxx: Fix login retry count (bsc#1094555).
- scsi: qla2xxx: Fix Management Server NPort handle reservation logic (bsc#1094555).
- scsi: qla2xxx: Fix memory leak for allocating abort IOCB (bsc#1094555).
- scsi: qla2xxx: Fix n2n_ae flag to prevent dev_loss on PDB change (bsc#1084427).
- scsi: qla2xxx: Fix N2N link re-connect (bsc#1094555).
- scsi: qla2xxx: Fix NPIV deletion by calling wait_for_sess_deletion (bsc#1094555).
- scsi: qla2xxx: Fix race between switch cmd completion and timeout (bsc#1094555).
- scsi: qla2xxx: Fix race condition between iocb timeout and initialisation (bsc#1094555).
- scsi: qla2xxx: Fix redundant fc_rport registration (bsc#1094555).
- scsi: qla2xxx: Fix retry for PRLI RJT with reason of BUSY (bsc#1084427).
- scsi: qla2xxx: Fix Rport and session state getting out of sync (bsc#1094555).
- scsi: qla2xxx: Fix sending ADISC command for login (bsc#1094555).
- scsi: qla2xxx: Fix session state stuck in Get Port DB (bsc#1094555).
- scsi: qla2xxx: Fix stalled relogin (bsc#1094555).
- scsi: qla2xxx: Fix TMF and Multi-Queue config (bsc#1094555).
- scsi: qla2xxx: Fix unintended Logout (bsc#1094555).
- scsi: qla2xxx: Fix unintialized List head crash (bsc#1094555).
- scsi: qla2xxx: Flush mailbox commands on chip reset (bsc#1094555).
- scsi: qla2xxx: fx00 copypaste typo (bsc#1094555).
- scsi: qla2xxx: Migrate NVME N2N handling into state machine (bsc#1094555).
- scsi: qla2xxx: Move GPSC and GFPNID out of session management (bsc#1094555).
- scsi: qla2xxx: Prevent relogin loop by removing stale code (bsc#1094555).
- scsi: qla2xxx: Prevent sysfs access when chip is down (bsc#1094555).
- scsi: qla2xxx: Reduce redundant ADISC command for RSCNs (bsc#1094555).
- scsi: qla2xxx: remove irq save in qla2x00_poll() (bsc#1094555).
- scsi: qla2xxx: Remove nvme_done_list (bsc#1084427).
- scsi: qla2xxx: Remove stale debug value for login_retry flag (bsc#1094555).
- scsi: qla2xxx: Remove unneeded message and minor cleanup for FC-NVMe (bsc#1084427).
- scsi: qla2xxx: Restore ZIO threshold setting (bsc#1084427).
- scsi: qla2xxx: Return busy if rport going away (bsc#1084427).
- scsi: qla2xxx: Save frame payload size from ICB (bsc#1094555).
- scsi: qla2xxx: Set IIDMA and fcport state before qla_nvme_register_remote() (bsc#1084427).
- scsi: qla2xxx: Silent erroneous message (bsc#1094555).
- scsi: qla2xxx: Update driver version to 10.00.00.06-k (bsc#1084427).
- scsi: qla2xxx: Update driver version to 10.00.00.07-k (bsc#1094555).
- scsi: qla2xxx: Update driver version to 10.00.00.08-k (bsc#1094555).
- scsi: qla2xxx: Use dma_pool_zalloc() (bsc#1094555).
- scsi: qla2xxx: Use predefined get_datalen_for_atio() inline function (bsc#1094555).
- selftests/powerpc: Kill child processes on SIGINT (bnc#1012382).
- smb3: fix reset of bytes read and written stats (bnc#1012382).
- SMB3: Number of requests sent should be displayed for SMB3 not just CIFS (bnc#1012382).
- staging: android: ion: fix ION_IOC_{MAP,SHARE} use-after-free (bnc#1012382).
- staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice (bnc#1012382).
- tcp: do not restart timewait timer on rst reception (bnc#1012382).
- Update patches.suse/dm-Always-copy-cmd_flags-when-cloning-a-request.patch (bsc#1088087, bsc#1103156).
- usbip: vhci_sysfs: fix potential Spectre v1 (bsc#1096547).
- vti6: remove !skb->ignore_df check from vti6_xmit() (bnc#1012382).
- watchdog: w83627hf_wdt: Add quirk for Inves system (bsc#1106434).
- x86/entry/64: Remove %ebx handling from error_entry/exit (bnc#1102715).
- x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear (bnc#1012382).
- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE (bnc#1012382).
- xen: avoid crash in disable_hotplug_cpu (bsc#1106594).
- xfs: add a new xfs_iext_lookup_extent_before helper (bsc#1095344).
- xfs: add asserts for the mmap lock in xfs_{insert,collapse}_file_space (bsc#1095344).
- xfs: add a xfs_bmap_fork_to_state helper (bsc#1095344).
- xfs: add a xfs_iext_update_extent helper (bsc#1095344).
- xfs: add comments documenting the rebalance algorithm (bsc#1095344).
- xfs: add some comments to xfs_iext_insert/xfs_iext_insert_node (bsc#1095344).
- xfs: add xfs_trim_extent (bsc#1095344).
- xfs: allow unaligned extent records in xfs_bmbt_disk_set_all (bsc#1095344).
- xfs: borrow indirect blocks from freed extent when available (bsc#1095344).
- xfs: cleanup xfs_bmap_last_before (bsc#1095344).
- xfs: do not create overlapping extents in xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: do not rely on extent indices in xfs_bmap_collapse_extents (bsc#1095344).
- xfs: do not rely on extent indices in xfs_bmap_insert_extents (bsc#1095344).
- xfs: do not set XFS_BTCUR_BPRV_WASDEL in xfs_bunmapi (bsc#1095344).
- xfs: during btree split, save new block key and ptr for future insertion (bsc#1095344).
- xfs: factor out a helper to initialize a local format inode fork (bsc#1095344).
- xfs: fix memory leak in xfs_iext_free_last_leaf (bsc#1095344).
- xfs: fix number of records handling in xfs_iext_split_leaf (bsc#1095344).
- xfs: fix transaction allocation deadlock in IO path (bsc#1090535).
- xfs: handle indlen shortage on delalloc extent merge (bsc#1095344).
- xfs: handle zero entries case in xfs_iext_rebalance_leaf (bsc#1095344).
- xfs: improve kmem_realloc (bsc#1095344).
- xfs: inline xfs_shift_file_space into callers (bsc#1095344).
- xfs: introduce the xfs_iext_cursor abstraction (bsc#1095344).
- xfs: iterate over extents in xfs_bmap_extents_to_btree (bsc#1095344).
- xfs: iterate over extents in xfs_iextents_copy (bsc#1095344).
- xfs: make better use of the 'state' variable in xfs_bmap_del_extent_real (bsc#1095344).
- xfs: merge xfs_bmap_read_extents into xfs_iread_extents (bsc#1095344).
- xfs: move pre/post-bmap tracing into xfs_iext_update_extent (bsc#1095344).
- xfs: move some code around inside xfs_bmap_shift_extents (bsc#1095344).
- xfs: move some more code into xfs_bmap_del_extent_real (bsc#1095344).
- xfs: move xfs_bmbt_irec and xfs_exntst_t to xfs_types.h (bsc#1095344).
- xfs: move xfs_iext_insert tracepoint to report useful information (bsc#1095344).
- xfs: new inode extent list lookup helpers (bsc#1095344).
- xfs: only run torn log write detection on dirty logs (bsc#1095753).
- xfs: pass an on-disk extent to xfs_bmbt_validate_extent (bsc#1095344).
- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_lookup_eq (bsc#1095344).
- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_update (bsc#1095344).
- xfs: pass struct xfs_bmbt_irec to xfs_bmbt_validate_extent (bsc#1095344).
- xfs: provide helper for counting extents from if_bytes (bsc#1095344).
- xfs: refactor delalloc accounting in xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: refactor delalloc indlen reservation split into helper (bsc#1095344).
- xfs: refactor dir2 leaf readahead shadow buffer cleverness (bsc#1095344).
- xfs: refactor in-core log state update to helper (bsc#1095753).
- xfs: refactor unmount record detection into helper (bsc#1095753).
- xfs: refactor xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: refactor xfs_bmap_add_extent_hole_delay (bsc#1095344).
- xfs: refactor xfs_bmap_add_extent_hole_real (bsc#1095344).
- xfs: refactor xfs_bmap_add_extent_unwritten_real (bsc#1095344).
- xfs: refactor xfs_bunmapi_cow (bsc#1095344).
- xfs: refactor xfs_del_extent_real (bsc#1095344).
- xfs: remove a duplicate assignment in xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: remove all xfs_bmbt_set_* helpers except for xfs_bmbt_set_all (bsc#1095344).
- xfs: remove a superflous assignment in xfs_iext_remove_node (bsc#1095344).
- xfs: remove if_rdev (bsc#1095344).
- xfs: remove prev argument to xfs_bmapi_reserve_delalloc (bsc#1095344).
- xfs: remove support for inlining data/extents into the inode fork (bsc#1095344).
- xfs: remove the never fully implemented UUID fork format (bsc#1095344).
- xfs: remove the nr_extents argument to xfs_iext_insert (bsc#1095344).
- xfs: remove the nr_extents argument to xfs_iext_remove (bsc#1095344).
- xfs: remove XFS_BMAP_MAX_SHIFT_EXTENTS (bsc#1095344).
- xfs: remove XFS_BMAP_TRACE_EXLIST (bsc#1095344).
- xfs: remove xfs_bmbt_get_state (bsc#1095344).
- xfs: remove xfs_bmse_shift_one (bsc#1095344).
- xfs: rename bno to end in __xfs_bunmapi (bsc#1095344).
- xfs: replace xfs_bmbt_lookup_ge with xfs_bmbt_lookup_first (bsc#1095344).
- xfs: replace xfs_qm_get_rtblks with a direct call to xfs_bmap_count_leaves (bsc#1095344).
- xfs: rewrite getbmap using the xfs_iext_* helpers (bsc#1095344).
- xfs: rewrite xfs_bmap_count_leaves using xfs_iext_get_extent (bsc#1095344).
- xfs: rewrite xfs_bmap_first_unused to make better use of xfs_iext_get_extent (bsc#1095344).
- xfs: separate log head record discovery from verification (bsc#1095753).
- xfs: simplify the xfs_getbmap interface (bsc#1095344).
- xfs: simplify validation of the unwritten extent bit (bsc#1095344).
- xfs: split indlen reservations fairly when under reserved (bsc#1095344).
- xfs: split xfs_bmap_shift_extents (bsc#1095344).
- xfs: switch xfs_bmap_local_to_extents to use xfs_iext_insert (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_delay (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_real (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_unwritten_real (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_collapse_extents (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_del_extent_* (bsc#1095344).
- xfs: update freeblocks counter after extent deletion (bsc#1095344).
- xfs: update got in xfs_bmap_shift_update_extent (bsc#1095344).
- xfs: use a b+tree for the in-core extent list (bsc#1095344).
- xfs: use correct state defines in xfs_bmap_del_extent_{cow,delay} (bsc#1095344).
- xfs: use new extent lookup helpers in xfs_bmapi_read (bsc#1095344).
- xfs: use new extent lookup helpers in xfs_bmapi_write (bsc#1095344).
- xfs: use new extent lookup helpers in __xfs_bunmapi (bsc#1095344).
- xfs: use the state defines in xfs_bmap_del_extent_real (bsc#1095344).
- xfs: use xfs_bmap_del_extent_delay for the data fork as well (bsc#1095344).
- xfs: use xfs_iext_*_extent helpers in xfs_bmap_shift_extents (bsc#1095344).
- xfs: use xfs_iext_*_extent helpers in xfs_bmap_split_extent_at (bsc#1095344).
- xfs: use xfs_iext_get_extent instead of open coding it (bsc#1095344).
- xfs: use xfs_iext_get_extent in xfs_bmap_first_unused (bsc#1095344).
Patchnames: SUSE-SLE-DESKTOP-12-SP3-2018-2135,SUSE-SLE-HA-12-SP3-2018-2135,SUSE-SLE-SDK-12-SP3-2018-2135,SUSE-SLE-SERVER-12-SP3-2018-2135,SUSE-SLE-WE-12-SP3-2018-2135
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4.4 (Medium)
Affected products
Recommended
65 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
65 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.3 (High)
Affected products
Recommended
65 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
65 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
65 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.7 (Medium)
Affected products
Recommended
65 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
65 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.156-94.57.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
79 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.156 to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-16597: Incorrect access checking in overlayfs mounts could have been\n used by local attackers to modify or truncate files in the underlying\n filesystem (bnc#1106512).\n- CVE-2018-14613: Prevent invalid pointer dereference in io_ctl_map_page() when\n mounting and operating a crafted btrfs image, caused by a lack of block group\n item validation in check_leaf_item (bsc#1102896)\n- CVE-2018-14617: Prevent NULL pointer dereference and panic in\n hfsplus_lookup() when opening a file (that is purportedly a hard link) in an\n hfs+ filesystem that has malformed catalog data, and is mounted read-only\n without a metadata directory (bsc#1102870)\n- CVE-2018-16276: Incorrect bounds checking in the yurex USB driver in\n yurex_read allowed local attackers to use user access read/writes to crash the\n kernel or potentially escalate privileges (bsc#1106095)\n- CVE-2018-7757: Memory leak in the sas_smp_get_phy_events function in\n drivers/scsi/libsas/sas_expander.c allowed local users to cause a denial of\n service (memory consumption) via many read accesses to files in the\n /sys/class/sas_phy directory, as demonstrated by the\n /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file (bnc#1084536)\n- CVE-2018-7480: The blkcg_init_queue function allowed local users to cause a\n denial of service (double free) or possibly have unspecified other impact by\n triggering a creation failure (bsc#1082863).\n- CVE-2018-17182: The vmacache_flush_all function in mm/vmacache.c\n mishandled sequence number overflows. An attacker can trigger a\n use-after-free (and possibly gain privileges) via certain thread creation,\n map, unmap, invalidation, and dereference operations (bnc#1108399).\n\nThe following non-security bugs were fixed:\n\n- asm/sections: add helpers to check for section data (bsc#1063026).\n- ASoC: wm8994: Fix missing break in switch (bnc#1012382).\n- block: bvec_nr_vecs() returns value for wrong slab (bsc#1082979).\n- bpf: fix overflow in prog accounting (bsc#1012382).\n- btrfs: Add checker for EXTENT_CSUM (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Add sanity check for EXTENT_DATA when reading out leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Check if item pointer overlaps with the item itself (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Check that each block group has corresponding chunk at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Introduce mount time chunk \u003c-\u003e dev extent mapping check (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Move leaf and node validation checker to tree-checker.c (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized (bnc#1012382).\n- btrfs: replace: Reset on-disk dev stats value after replace (bnc#1012382).\n- btrfs: scrub: Do not use inode page cache in scrub_handle_errored_block() (bsc#1108096).\n- btrfs: tree-checker: Add checker for dir item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Detect invalid and empty essential trees (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Enhance btrfs_check_node output (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Enhance output for btrfs_check_leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Enhance output for check_csum_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Enhance output for check_extent_data_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Fix false panic for sanity test (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Replace root parameter with fs_info (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Verify block_group_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: use correct compare function of dirty_metadata_bytes (bnc#1012382).\n- btrfs: Verify that every chunk has corresponding block group at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- cifs: check if SMB2 PDU size has been padded and suppress the warning (bnc#1012382).\n- crypto: clarify licensing of OpenSSL asm code ().\n- crypto: vmx - Remove overly verbose printk from AES XTS init (git-fixes).\n- debugobjects: Make stack check warning more informative (bnc#1012382).\n- dm kcopyd: avoid softlockup in run_complete_job (bnc#1012382).\n- dm-mpath: do not try to access NULL rq (bsc#1110337).\n- EDAC: Fix memleak in module init error path (bsc#1109441).\n- EDAC, i7core: Fix memleaks and use-after-free on probe and remove (1109441).\n- fat: validate -\u003ei_start before using (bnc#1012382).\n- Fixes: Commit cdbf92675fad (\u0027mm: numa: avoid waiting on freed migrated pages\u0027) (bnc#1012382).\n- Follow-up fix for patches.arch/01-jump_label-reduce-the-size-of-struct-static_key-kabi.patch (bsc#1108803).\n- fork: do not copy inconsistent signal handler state to child (bnc#1012382).\n- fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() (bnc#1012382).\n- genirq: Delay incrementing interrupt count if it\u0027s disabled/pending (bnc#1012382).\n- grow_cache: we still have a code which uses both __GFP_ZERO and constructors. The code seems to be correct and the warning does more harm than good so revert for the the meantime until we catch offenders. (bnc#1110297) \n- hfsplus: do not return 0 when fill_super() failed (bnc#1012382).\n- hfs: prevent crash on exit from failed search (bnc#1012382).\n- ib_srp: Remove WARN_ON in srp_terminate_io() (bsc#1094562).\n- ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() (bnc#1012382).\n- irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP (bnc#1012382).\n- irqchip/gic-v3: Add missing barrier to 32bit version of gic_read_iar() (bnc#1012382).\n- kabi protect hnae_ae_ops (bsc#1107924).\n- kbuild: make missing $DEPMOD a Warning instead of an Error (bnc#1012382).\n- l2tp: cast l2tp traffic counter to unsigned (bsc#1099810).\n- mei: me: allow runtime pm for platform with D0i3 (bnc#1012382).\n- mfd: sm501: Set coherent_dma_mask when creating subdevices (bnc#1012382).\n- mm/fadvise.c: fix signed overflow UBSAN complaint (bnc#1012382).\n- net/9p: fix error path of p9_virtio_probe (bnc#1012382).\n- net: bcmgenet: use MAC link status for fixed phy (bnc#1012382).\n- net: ena: Eliminate duplicate barriers on weakly-ordered archs (bsc#1108240).\n- net: ena: fix device destruction to gracefully free resources (bsc#1108240).\n- net: ena: fix driver when PAGE_SIZE == 64kB (bsc#1108240).\n- net: ena: fix incorrect usage of memory barriers (bsc#1108240).\n- net: ena: fix missing calls to READ_ONCE (bsc#1108240).\n- net: ena: fix missing lock during device destruction (bsc#1108240).\n- net: ena: fix potential double ena_destroy_device() (bsc#1108240).\n- net: ena: fix surprise unplug NULL dereference kernel crash (bsc#1108240).\n- net: hns: add netif_carrier_off before change speed and duplex (bsc#1107924).\n- net: hns: add the code for cleaning pkt in chip (bsc#1107924).\n- nvme_fc: add \u0027nvme_discovery\u0027 sysfs attribute to fc transport device (bsc#1044189).\n- nvmet: fixup crash on NULL device path (bsc#1082979).\n- ovl: modify ovl_permission() to do checks on two inodes (bsc#1106512)\n- ovl: proper cleanup of workdir (bnc#1012382).\n- ovl: rename is_merge to is_lowest (bnc#1012382).\n- PCI: mvebu: Fix I/O space end address calculation (bnc#1012382).\n- platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 (bnc#1012382).\n- powerpc/64: Do load of PACAKBASE in LOAD_HANDLER (bsc#1094244).\n- powerpc/book3s: Fix MCE console messages for unrecoverable MCE (bsc#1094244).\n- powerpc/fadump: cleanup crash memory ranges support (bsc#1103269).\n- powerpc/fadump: re-register firmware-assisted dump if already registered (bsc#1108170, bsc#1108823).\n- powerpc: Fix size calculation using resource_size() (bnc#1012382).\n- powerpc/mce: Move 64-bit machine check code into mce.c (bsc#1094244).\n- powerpc/perf/hv-24x7: Fix off-by-one error in request_buffer check (git-fixes).\n- powerpc/powernv/ioda2: Reduce upper limit for DMA window size (bsc#1066223).\n- powerpc/powernv: Rename machine_check_pSeries_early() to powernv (bsc#1094244).\n- powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX (bnc#1012382).\n- powerpc/pseries: Disable CPU hotplug across migrations (bsc#1066223).\n- powerpc/pseries: Remove prrn_work workqueue (bsc#1102495, bsc#1109337).\n- powerpc/pseries: Remove unneeded uses of dlpar work queue (bsc#1102495, bsc#1109337).\n- powerpc/tm: Fix userspace r13 corruption (bsc#1109333).\n- RDMA/rw: Fix rdma_rw_ctx_signature_init() kernel-doc header (bsc#1082979).\n- reiserfs: change j_timestamp type to time64_t (bnc#1012382).\n- Revert \u0027ARM: imx_v6_v7_defconfig: Select ULPI support\u0027 (bnc#1012382).\n- s390/dasd: fix hanging offline processing due to canceled worker (bnc#1012382).\n- s390/lib: use expoline for all bcr instructions (LTC#171029 bnc#1012382 bnc#1106934).\n- sch_hhf: fix null pointer dereference on init failure (bnc#1012382).\n- sch_htb: fix crash on init failure (bnc#1012382).\n- sch_multiq: fix double free on init failure (bnc#1012382).\n- sch_netem: avoid null pointer deref on init failure (bnc#1012382).\n- sch_tbf: fix two null pointer dereferences on init failure (bnc#1012382).\n- scripts: modpost: check memory allocation results (bnc#1012382).\n- scsi: aic94xx: fix an error code in aic94xx_init() (bnc#1012382).\n- scsi: ipr: System hung while dlpar adding primary ipr adapter back (bsc#1109336).\n- scsi: qla2xxx: Add changes for devloss timeout in driver (bsc#1084427).\n- scsi: qla2xxx: Add FC-NVMe abort processing (bsc#1084427).\n- scsi: qla2xxx: Add longer window for chip reset (bsc#1094555).\n- scsi: qla2xxx: Avoid double completion of abort command (bsc#1094555).\n- scsi: qla2xxx: Cleanup code to improve FC-NVMe error handling (bsc#1084427).\n- scsi: qla2xxx: Cleanup for N2N code (bsc#1094555).\n- scsi: qla2xxx: correctly shift host byte (bsc#1094555).\n- scsi: qla2xxx: Correct setting of SAM_STAT_CHECK_CONDITION (bsc#1094555).\n- scsi: qla2xxx: Delete session for nport id change (bsc#1094555).\n- scsi: qla2xxx: Fix Async GPN_FT for FCP and FC-NVMe scan (bsc#1084427).\n- scsi: qla2xxx: Fix crash on qla2x00_mailbox_command (bsc#1094555).\n- scsi: qla2xxx: Fix double free bug after firmware timeout (bsc#1094555).\n- scsi: qla2xxx: Fix driver unload by shutting down chip (bsc#1094555).\n- scsi: qla2xxx: fix error message on \u003cqla2400 (bsc#1094555).\n- scsi: qla2xxx: Fix FC-NVMe IO abort during driver reset (bsc#1084427).\n- scsi: qla2xxx: Fix function argument descriptions (bsc#1094555).\n- scsi: qla2xxx: Fix Inquiry command being dropped in Target mode (bsc#1094555).\n- scsi: qla2xxx: Fix issue reported by static checker for qla2x00_els_dcmd2_sp_done() (bsc#1094555).\n- scsi: qla2xxx: Fix login retry count (bsc#1094555).\n- scsi: qla2xxx: Fix Management Server NPort handle reservation logic (bsc#1094555).\n- scsi: qla2xxx: Fix memory leak for allocating abort IOCB (bsc#1094555).\n- scsi: qla2xxx: Fix n2n_ae flag to prevent dev_loss on PDB change (bsc#1084427).\n- scsi: qla2xxx: Fix N2N link re-connect (bsc#1094555).\n- scsi: qla2xxx: Fix NPIV deletion by calling wait_for_sess_deletion (bsc#1094555).\n- scsi: qla2xxx: Fix race between switch cmd completion and timeout (bsc#1094555).\n- scsi: qla2xxx: Fix race condition between iocb timeout and initialisation (bsc#1094555).\n- scsi: qla2xxx: Fix redundant fc_rport registration (bsc#1094555).\n- scsi: qla2xxx: Fix retry for PRLI RJT with reason of BUSY (bsc#1084427).\n- scsi: qla2xxx: Fix Rport and session state getting out of sync (bsc#1094555).\n- scsi: qla2xxx: Fix sending ADISC command for login (bsc#1094555).\n- scsi: qla2xxx: Fix session state stuck in Get Port DB (bsc#1094555).\n- scsi: qla2xxx: Fix stalled relogin (bsc#1094555).\n- scsi: qla2xxx: Fix TMF and Multi-Queue config (bsc#1094555).\n- scsi: qla2xxx: Fix unintended Logout (bsc#1094555).\n- scsi: qla2xxx: Fix unintialized List head crash (bsc#1094555).\n- scsi: qla2xxx: Flush mailbox commands on chip reset (bsc#1094555).\n- scsi: qla2xxx: fx00 copypaste typo (bsc#1094555).\n- scsi: qla2xxx: Migrate NVME N2N handling into state machine (bsc#1094555).\n- scsi: qla2xxx: Move GPSC and GFPNID out of session management (bsc#1094555).\n- scsi: qla2xxx: Prevent relogin loop by removing stale code (bsc#1094555).\n- scsi: qla2xxx: Prevent sysfs access when chip is down (bsc#1094555).\n- scsi: qla2xxx: Reduce redundant ADISC command for RSCNs (bsc#1094555).\n- scsi: qla2xxx: remove irq save in qla2x00_poll() (bsc#1094555).\n- scsi: qla2xxx: Remove nvme_done_list (bsc#1084427).\n- scsi: qla2xxx: Remove stale debug value for login_retry flag (bsc#1094555).\n- scsi: qla2xxx: Remove unneeded message and minor cleanup for FC-NVMe (bsc#1084427).\n- scsi: qla2xxx: Restore ZIO threshold setting (bsc#1084427).\n- scsi: qla2xxx: Return busy if rport going away (bsc#1084427).\n- scsi: qla2xxx: Save frame payload size from ICB (bsc#1094555).\n- scsi: qla2xxx: Set IIDMA and fcport state before qla_nvme_register_remote() (bsc#1084427).\n- scsi: qla2xxx: Silent erroneous message (bsc#1094555).\n- scsi: qla2xxx: Update driver version to 10.00.00.06-k (bsc#1084427).\n- scsi: qla2xxx: Update driver version to 10.00.00.07-k (bsc#1094555).\n- scsi: qla2xxx: Update driver version to 10.00.00.08-k (bsc#1094555).\n- scsi: qla2xxx: Use dma_pool_zalloc() (bsc#1094555).\n- scsi: qla2xxx: Use predefined get_datalen_for_atio() inline function (bsc#1094555).\n- selftests/powerpc: Kill child processes on SIGINT (bnc#1012382).\n- smb3: fix reset of bytes read and written stats (bnc#1012382).\n- SMB3: Number of requests sent should be displayed for SMB3 not just CIFS (bnc#1012382).\n- staging: android: ion: fix ION_IOC_{MAP,SHARE} use-after-free (bnc#1012382).\n- staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice (bnc#1012382).\n- tcp: do not restart timewait timer on rst reception (bnc#1012382).\n- Update patches.suse/dm-Always-copy-cmd_flags-when-cloning-a-request.patch (bsc#1088087, bsc#1103156).\n- usbip: vhci_sysfs: fix potential Spectre v1 (bsc#1096547).\n- vti6: remove !skb-\u003eignore_df check from vti6_xmit() (bnc#1012382).\n- watchdog: w83627hf_wdt: Add quirk for Inves system (bsc#1106434).\n- x86/entry/64: Remove %ebx handling from error_entry/exit (bnc#1102715).\n- x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear (bnc#1012382).\n- x86/speculation/l1tf: Fix up pte-\u003epfn conversion for PAE (bnc#1012382).\n- xen: avoid crash in disable_hotplug_cpu (bsc#1106594).\n- xfs: add a new xfs_iext_lookup_extent_before helper (bsc#1095344).\n- xfs: add asserts for the mmap lock in xfs_{insert,collapse}_file_space (bsc#1095344).\n- xfs: add a xfs_bmap_fork_to_state helper (bsc#1095344).\n- xfs: add a xfs_iext_update_extent helper (bsc#1095344).\n- xfs: add comments documenting the rebalance algorithm (bsc#1095344).\n- xfs: add some comments to xfs_iext_insert/xfs_iext_insert_node (bsc#1095344).\n- xfs: add xfs_trim_extent (bsc#1095344).\n- xfs: allow unaligned extent records in xfs_bmbt_disk_set_all (bsc#1095344).\n- xfs: borrow indirect blocks from freed extent when available (bsc#1095344).\n- xfs: cleanup xfs_bmap_last_before (bsc#1095344).\n- xfs: do not create overlapping extents in xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: do not rely on extent indices in xfs_bmap_collapse_extents (bsc#1095344).\n- xfs: do not rely on extent indices in xfs_bmap_insert_extents (bsc#1095344).\n- xfs: do not set XFS_BTCUR_BPRV_WASDEL in xfs_bunmapi (bsc#1095344).\n- xfs: during btree split, save new block key and ptr for future insertion (bsc#1095344).\n- xfs: factor out a helper to initialize a local format inode fork (bsc#1095344).\n- xfs: fix memory leak in xfs_iext_free_last_leaf (bsc#1095344).\n- xfs: fix number of records handling in xfs_iext_split_leaf (bsc#1095344).\n- xfs: fix transaction allocation deadlock in IO path (bsc#1090535).\n- xfs: handle indlen shortage on delalloc extent merge (bsc#1095344).\n- xfs: handle zero entries case in xfs_iext_rebalance_leaf (bsc#1095344).\n- xfs: improve kmem_realloc (bsc#1095344).\n- xfs: inline xfs_shift_file_space into callers (bsc#1095344).\n- xfs: introduce the xfs_iext_cursor abstraction (bsc#1095344).\n- xfs: iterate over extents in xfs_bmap_extents_to_btree (bsc#1095344).\n- xfs: iterate over extents in xfs_iextents_copy (bsc#1095344).\n- xfs: make better use of the \u0027state\u0027 variable in xfs_bmap_del_extent_real (bsc#1095344).\n- xfs: merge xfs_bmap_read_extents into xfs_iread_extents (bsc#1095344).\n- xfs: move pre/post-bmap tracing into xfs_iext_update_extent (bsc#1095344).\n- xfs: move some code around inside xfs_bmap_shift_extents (bsc#1095344).\n- xfs: move some more code into xfs_bmap_del_extent_real (bsc#1095344).\n- xfs: move xfs_bmbt_irec and xfs_exntst_t to xfs_types.h (bsc#1095344).\n- xfs: move xfs_iext_insert tracepoint to report useful information (bsc#1095344).\n- xfs: new inode extent list lookup helpers (bsc#1095344).\n- xfs: only run torn log write detection on dirty logs (bsc#1095753).\n- xfs: pass an on-disk extent to xfs_bmbt_validate_extent (bsc#1095344).\n- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_lookup_eq (bsc#1095344).\n- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_update (bsc#1095344).\n- xfs: pass struct xfs_bmbt_irec to xfs_bmbt_validate_extent (bsc#1095344).\n- xfs: provide helper for counting extents from if_bytes (bsc#1095344).\n- xfs: refactor delalloc accounting in xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: refactor delalloc indlen reservation split into helper (bsc#1095344).\n- xfs: refactor dir2 leaf readahead shadow buffer cleverness (bsc#1095344).\n- xfs: refactor in-core log state update to helper (bsc#1095753).\n- xfs: refactor unmount record detection into helper (bsc#1095753).\n- xfs: refactor xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: refactor xfs_bmap_add_extent_hole_delay (bsc#1095344).\n- xfs: refactor xfs_bmap_add_extent_hole_real (bsc#1095344).\n- xfs: refactor xfs_bmap_add_extent_unwritten_real (bsc#1095344).\n- xfs: refactor xfs_bunmapi_cow (bsc#1095344).\n- xfs: refactor xfs_del_extent_real (bsc#1095344).\n- xfs: remove a duplicate assignment in xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: remove all xfs_bmbt_set_* helpers except for xfs_bmbt_set_all (bsc#1095344).\n- xfs: remove a superflous assignment in xfs_iext_remove_node (bsc#1095344).\n- xfs: remove if_rdev (bsc#1095344).\n- xfs: remove prev argument to xfs_bmapi_reserve_delalloc (bsc#1095344).\n- xfs: remove support for inlining data/extents into the inode fork (bsc#1095344).\n- xfs: remove the never fully implemented UUID fork format (bsc#1095344).\n- xfs: remove the nr_extents argument to xfs_iext_insert (bsc#1095344).\n- xfs: remove the nr_extents argument to xfs_iext_remove (bsc#1095344).\n- xfs: remove XFS_BMAP_MAX_SHIFT_EXTENTS (bsc#1095344).\n- xfs: remove XFS_BMAP_TRACE_EXLIST (bsc#1095344).\n- xfs: remove xfs_bmbt_get_state (bsc#1095344).\n- xfs: remove xfs_bmse_shift_one (bsc#1095344).\n- xfs: rename bno to end in __xfs_bunmapi (bsc#1095344).\n- xfs: replace xfs_bmbt_lookup_ge with xfs_bmbt_lookup_first (bsc#1095344).\n- xfs: replace xfs_qm_get_rtblks with a direct call to xfs_bmap_count_leaves (bsc#1095344).\n- xfs: rewrite getbmap using the xfs_iext_* helpers (bsc#1095344).\n- xfs: rewrite xfs_bmap_count_leaves using xfs_iext_get_extent (bsc#1095344).\n- xfs: rewrite xfs_bmap_first_unused to make better use of xfs_iext_get_extent (bsc#1095344).\n- xfs: separate log head record discovery from verification (bsc#1095753).\n- xfs: simplify the xfs_getbmap interface (bsc#1095344).\n- xfs: simplify validation of the unwritten extent bit (bsc#1095344).\n- xfs: split indlen reservations fairly when under reserved (bsc#1095344).\n- xfs: split xfs_bmap_shift_extents (bsc#1095344).\n- xfs: switch xfs_bmap_local_to_extents to use xfs_iext_insert (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_delay (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_real (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_add_extent_unwritten_real (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_collapse_extents (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_del_extent_* (bsc#1095344).\n- xfs: update freeblocks counter after extent deletion (bsc#1095344).\n- xfs: update got in xfs_bmap_shift_update_extent (bsc#1095344).\n- xfs: use a b+tree for the in-core extent list (bsc#1095344).\n- xfs: use correct state defines in xfs_bmap_del_extent_{cow,delay} (bsc#1095344).\n- xfs: use new extent lookup helpers in xfs_bmapi_read (bsc#1095344).\n- xfs: use new extent lookup helpers in xfs_bmapi_write (bsc#1095344).\n- xfs: use new extent lookup helpers in __xfs_bunmapi (bsc#1095344).\n- xfs: use the state defines in xfs_bmap_del_extent_real (bsc#1095344).\n- xfs: use xfs_bmap_del_extent_delay for the data fork as well (bsc#1095344).\n- xfs: use xfs_iext_*_extent helpers in xfs_bmap_shift_extents (bsc#1095344).\n- xfs: use xfs_iext_*_extent helpers in xfs_bmap_split_extent_at (bsc#1095344).\n- xfs: use xfs_iext_get_extent instead of open coding it (bsc#1095344).\n- xfs: use xfs_iext_get_extent in xfs_bmap_first_unused (bsc#1095344).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-DESKTOP-12-SP3-2018-2135,SUSE-SLE-HA-12-SP3-2018-2135,SUSE-SLE-SDK-12-SP3-2018-2135,SUSE-SLE-SERVER-12-SP3-2018-2135,SUSE-SLE-WE-12-SP3-2018-2135",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_3003-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:3003-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183003-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:3003-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183003-1.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012382",
"url": "https://bugzilla.suse.com/1012382"
},
{
"category": "self",
"summary": "SUSE Bug 1044189",
"url": "https://bugzilla.suse.com/1044189"
},
{
"category": "self",
"summary": "SUSE Bug 1063026",
"url": "https://bugzilla.suse.com/1063026"
},
{
"category": "self",
"summary": "SUSE Bug 1066223",
"url": "https://bugzilla.suse.com/1066223"
},
{
"category": "self",
"summary": "SUSE Bug 1082863",
"url": "https://bugzilla.suse.com/1082863"
},
{
"category": "self",
"summary": "SUSE Bug 1082979",
"url": "https://bugzilla.suse.com/1082979"
},
{
"category": "self",
"summary": "SUSE Bug 1084427",
"url": "https://bugzilla.suse.com/1084427"
},
{
"category": "self",
"summary": "SUSE Bug 1084536",
"url": "https://bugzilla.suse.com/1084536"
},
{
"category": "self",
"summary": "SUSE Bug 1087209",
"url": "https://bugzilla.suse.com/1087209"
},
{
"category": "self",
"summary": "SUSE Bug 1088087",
"url": "https://bugzilla.suse.com/1088087"
},
{
"category": "self",
"summary": "SUSE Bug 1090535",
"url": "https://bugzilla.suse.com/1090535"
},
{
"category": "self",
"summary": "SUSE Bug 1091815",
"url": "https://bugzilla.suse.com/1091815"
},
{
"category": "self",
"summary": "SUSE Bug 1094244",
"url": "https://bugzilla.suse.com/1094244"
},
{
"category": "self",
"summary": "SUSE Bug 1094555",
"url": "https://bugzilla.suse.com/1094555"
},
{
"category": "self",
"summary": "SUSE Bug 1094562",
"url": "https://bugzilla.suse.com/1094562"
},
{
"category": "self",
"summary": "SUSE Bug 1095344",
"url": "https://bugzilla.suse.com/1095344"
},
{
"category": "self",
"summary": "SUSE Bug 1095753",
"url": "https://bugzilla.suse.com/1095753"
},
{
"category": "self",
"summary": "SUSE Bug 1096547",
"url": "https://bugzilla.suse.com/1096547"
},
{
"category": "self",
"summary": "SUSE Bug 1099810",
"url": "https://bugzilla.suse.com/1099810"
},
{
"category": "self",
"summary": "SUSE Bug 1102495",
"url": "https://bugzilla.suse.com/1102495"
},
{
"category": "self",
"summary": "SUSE Bug 1102715",
"url": "https://bugzilla.suse.com/1102715"
},
{
"category": "self",
"summary": "SUSE Bug 1102870",
"url": "https://bugzilla.suse.com/1102870"
},
{
"category": "self",
"summary": "SUSE Bug 1102875",
"url": "https://bugzilla.suse.com/1102875"
},
{
"category": "self",
"summary": "SUSE Bug 1102877",
"url": "https://bugzilla.suse.com/1102877"
},
{
"category": "self",
"summary": "SUSE Bug 1102879",
"url": "https://bugzilla.suse.com/1102879"
},
{
"category": "self",
"summary": "SUSE Bug 1102882",
"url": "https://bugzilla.suse.com/1102882"
},
{
"category": "self",
"summary": "SUSE Bug 1102896",
"url": "https://bugzilla.suse.com/1102896"
},
{
"category": "self",
"summary": "SUSE Bug 1103156",
"url": "https://bugzilla.suse.com/1103156"
},
{
"category": "self",
"summary": "SUSE Bug 1103269",
"url": "https://bugzilla.suse.com/1103269"
},
{
"category": "self",
"summary": "SUSE Bug 1106095",
"url": "https://bugzilla.suse.com/1106095"
},
{
"category": "self",
"summary": "SUSE Bug 1106434",
"url": "https://bugzilla.suse.com/1106434"
},
{
"category": "self",
"summary": "SUSE Bug 1106512",
"url": "https://bugzilla.suse.com/1106512"
},
{
"category": "self",
"summary": "SUSE Bug 1106594",
"url": "https://bugzilla.suse.com/1106594"
},
{
"category": "self",
"summary": "SUSE Bug 1106934",
"url": "https://bugzilla.suse.com/1106934"
},
{
"category": "self",
"summary": "SUSE Bug 1107924",
"url": "https://bugzilla.suse.com/1107924"
},
{
"category": "self",
"summary": "SUSE Bug 1108096",
"url": "https://bugzilla.suse.com/1108096"
},
{
"category": "self",
"summary": "SUSE Bug 1108170",
"url": "https://bugzilla.suse.com/1108170"
},
{
"category": "self",
"summary": "SUSE Bug 1108240",
"url": "https://bugzilla.suse.com/1108240"
},
{
"category": "self",
"summary": "SUSE Bug 1108399",
"url": "https://bugzilla.suse.com/1108399"
},
{
"category": "self",
"summary": "SUSE Bug 1108803",
"url": "https://bugzilla.suse.com/1108803"
},
{
"category": "self",
"summary": "SUSE Bug 1108823",
"url": "https://bugzilla.suse.com/1108823"
},
{
"category": "self",
"summary": "SUSE Bug 1109333",
"url": "https://bugzilla.suse.com/1109333"
},
{
"category": "self",
"summary": "SUSE Bug 1109336",
"url": "https://bugzilla.suse.com/1109336"
},
{
"category": "self",
"summary": "SUSE Bug 1109337",
"url": "https://bugzilla.suse.com/1109337"
},
{
"category": "self",
"summary": "SUSE Bug 1109441",
"url": "https://bugzilla.suse.com/1109441"
},
{
"category": "self",
"summary": "SUSE Bug 1110297",
"url": "https://bugzilla.suse.com/1110297"
},
{
"category": "self",
"summary": "SUSE Bug 1110337",
"url": "https://bugzilla.suse.com/1110337"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14613 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14613/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14617 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14617/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16276 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16276/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16597 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-17182 page",
"url": "https://www.suse.com/security/cve/CVE-2018-17182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-7480 page",
"url": "https://www.suse.com/security/cve/CVE-2018-7480/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-7757 page",
"url": "https://www.suse.com/security/cve/CVE-2018-7757/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2018-10-04T12:01:46Z",
"generator": {
"date": "2018-10-04T12:01:46Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:3003-1",
"initial_release_date": "2018-10-04T12:01:46Z",
"revision_history": [
{
"date": "2018-10-04T12:01:46Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-obs-build-4.4.156-94.57.1.aarch64",
"product": {
"name": "kernel-obs-build-4.4.156-94.57.1.aarch64",
"product_id": "kernel-obs-build-4.4.156-94.57.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.156-94.57.1.aarch64",
"product": {
"name": "kernel-default-4.4.156-94.57.1.aarch64",
"product_id": "kernel-default-4.4.156-94.57.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.156-94.57.1.aarch64",
"product": {
"name": "kernel-default-base-4.4.156-94.57.1.aarch64",
"product_id": "kernel-default-base-4.4.156-94.57.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.156-94.57.1.aarch64",
"product": {
"name": "kernel-default-devel-4.4.156-94.57.1.aarch64",
"product_id": "kernel-default-devel-4.4.156-94.57.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.156-94.57.1.aarch64",
"product": {
"name": "kernel-syms-4.4.156-94.57.1.aarch64",
"product_id": "kernel-syms-4.4.156-94.57.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.4.156-94.57.1.noarch",
"product": {
"name": "kernel-devel-4.4.156-94.57.1.noarch",
"product_id": "kernel-devel-4.4.156-94.57.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.4.156-94.57.1.noarch",
"product": {
"name": "kernel-macros-4.4.156-94.57.1.noarch",
"product_id": "kernel-macros-4.4.156-94.57.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.4.156-94.57.1.noarch",
"product": {
"name": "kernel-source-4.4.156-94.57.1.noarch",
"product_id": "kernel-source-4.4.156-94.57.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.4.156-94.57.1.noarch",
"product": {
"name": "kernel-docs-4.4.156-94.57.1.noarch",
"product_id": "kernel-docs-4.4.156-94.57.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.156-94.57.1.ppc64le",
"product": {
"name": "cluster-md-kmp-default-4.4.156-94.57.1.ppc64le",
"product_id": "cluster-md-kmp-default-4.4.156-94.57.1.ppc64le"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.156-94.57.1.ppc64le",
"product": {
"name": "dlm-kmp-default-4.4.156-94.57.1.ppc64le",
"product_id": "dlm-kmp-default-4.4.156-94.57.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"product": {
"name": "gfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"product_id": "gfs2-kmp-default-4.4.156-94.57.1.ppc64le"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"product": {
"name": "ocfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"product_id": "ocfs2-kmp-default-4.4.156-94.57.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.156-94.57.1.ppc64le",
"product": {
"name": "kernel-obs-build-4.4.156-94.57.1.ppc64le",
"product_id": "kernel-obs-build-4.4.156-94.57.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.156-94.57.1.ppc64le",
"product": {
"name": "kernel-default-4.4.156-94.57.1.ppc64le",
"product_id": "kernel-default-4.4.156-94.57.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.156-94.57.1.ppc64le",
"product": {
"name": "kernel-default-base-4.4.156-94.57.1.ppc64le",
"product_id": "kernel-default-base-4.4.156-94.57.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.156-94.57.1.ppc64le",
"product": {
"name": "kernel-default-devel-4.4.156-94.57.1.ppc64le",
"product_id": "kernel-default-devel-4.4.156-94.57.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.156-94.57.1.ppc64le",
"product": {
"name": "kernel-syms-4.4.156-94.57.1.ppc64le",
"product_id": "kernel-syms-4.4.156-94.57.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.156-94.57.1.s390x",
"product": {
"name": "cluster-md-kmp-default-4.4.156-94.57.1.s390x",
"product_id": "cluster-md-kmp-default-4.4.156-94.57.1.s390x"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.156-94.57.1.s390x",
"product": {
"name": "dlm-kmp-default-4.4.156-94.57.1.s390x",
"product_id": "dlm-kmp-default-4.4.156-94.57.1.s390x"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.156-94.57.1.s390x",
"product": {
"name": "gfs2-kmp-default-4.4.156-94.57.1.s390x",
"product_id": "gfs2-kmp-default-4.4.156-94.57.1.s390x"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.156-94.57.1.s390x",
"product": {
"name": "ocfs2-kmp-default-4.4.156-94.57.1.s390x",
"product_id": "ocfs2-kmp-default-4.4.156-94.57.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.156-94.57.1.s390x",
"product": {
"name": "kernel-obs-build-4.4.156-94.57.1.s390x",
"product_id": "kernel-obs-build-4.4.156-94.57.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-4.4.156-94.57.1.s390x",
"product": {
"name": "kernel-default-4.4.156-94.57.1.s390x",
"product_id": "kernel-default-4.4.156-94.57.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.156-94.57.1.s390x",
"product": {
"name": "kernel-default-base-4.4.156-94.57.1.s390x",
"product_id": "kernel-default-base-4.4.156-94.57.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.156-94.57.1.s390x",
"product": {
"name": "kernel-default-devel-4.4.156-94.57.1.s390x",
"product_id": "kernel-default-devel-4.4.156-94.57.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-4.4.156-94.57.1.s390x",
"product": {
"name": "kernel-default-man-4.4.156-94.57.1.s390x",
"product_id": "kernel-default-man-4.4.156-94.57.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.156-94.57.1.s390x",
"product": {
"name": "kernel-syms-4.4.156-94.57.1.s390x",
"product_id": "kernel-syms-4.4.156-94.57.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-4.4.156-94.57.1.x86_64",
"product": {
"name": "kernel-default-4.4.156-94.57.1.x86_64",
"product_id": "kernel-default-4.4.156-94.57.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.4.156-94.57.1.x86_64",
"product": {
"name": "kernel-default-devel-4.4.156-94.57.1.x86_64",
"product_id": "kernel-default-devel-4.4.156-94.57.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-4.4.156-94.57.1.x86_64",
"product": {
"name": "kernel-default-extra-4.4.156-94.57.1.x86_64",
"product_id": "kernel-default-extra-4.4.156-94.57.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.4.156-94.57.1.x86_64",
"product": {
"name": "kernel-syms-4.4.156-94.57.1.x86_64",
"product_id": "kernel-syms-4.4.156-94.57.1.x86_64"
}
},
{
"category": "product_version",
"name": "cluster-md-kmp-default-4.4.156-94.57.1.x86_64",
"product": {
"name": "cluster-md-kmp-default-4.4.156-94.57.1.x86_64",
"product_id": "cluster-md-kmp-default-4.4.156-94.57.1.x86_64"
}
},
{
"category": "product_version",
"name": "dlm-kmp-default-4.4.156-94.57.1.x86_64",
"product": {
"name": "dlm-kmp-default-4.4.156-94.57.1.x86_64",
"product_id": "dlm-kmp-default-4.4.156-94.57.1.x86_64"
}
},
{
"category": "product_version",
"name": "gfs2-kmp-default-4.4.156-94.57.1.x86_64",
"product": {
"name": "gfs2-kmp-default-4.4.156-94.57.1.x86_64",
"product_id": "gfs2-kmp-default-4.4.156-94.57.1.x86_64"
}
},
{
"category": "product_version",
"name": "ocfs2-kmp-default-4.4.156-94.57.1.x86_64",
"product": {
"name": "ocfs2-kmp-default-4.4.156-94.57.1.x86_64",
"product_id": "ocfs2-kmp-default-4.4.156-94.57.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.4.156-94.57.1.x86_64",
"product": {
"name": "kernel-obs-build-4.4.156-94.57.1.x86_64",
"product_id": "kernel-obs-build-4.4.156-94.57.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.4.156-94.57.1.x86_64",
"product": {
"name": "kernel-default-base-4.4.156-94.57.1.x86_64",
"product_id": "kernel-default-base-4.4.156-94.57.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Availability Extension 12 SP3",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-ha:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 12 SP3",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.156-94.57.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.156-94.57.1.x86_64"
},
"product_reference": "kernel-default-4.4.156-94.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.156-94.57.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.156-94.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-4.4.156-94.57.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64"
},
"product_reference": "kernel-default-extra-4.4.156-94.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.156-94.57.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.156-94.57.1.noarch"
},
"product_reference": "kernel-devel-4.4.156-94.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.156-94.57.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.156-94.57.1.noarch"
},
"product_reference": "kernel-macros-4.4.156-94.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.156-94.57.1.noarch as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.156-94.57.1.noarch"
},
"product_reference": "kernel-source-4.4.156-94.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.156-94.57.1.x86_64 as component of SUSE Linux Enterprise Desktop 12 SP3",
"product_id": "SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64"
},
"product_reference": "kernel-syms-4.4.156-94.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.4.156-94.57.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.ppc64le"
},
"product_reference": "cluster-md-kmp-default-4.4.156-94.57.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.4.156-94.57.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.s390x"
},
"product_reference": "cluster-md-kmp-default-4.4.156-94.57.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cluster-md-kmp-default-4.4.156-94.57.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.x86_64"
},
"product_reference": "cluster-md-kmp-default-4.4.156-94.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.4.156-94.57.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.ppc64le"
},
"product_reference": "dlm-kmp-default-4.4.156-94.57.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.4.156-94.57.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.s390x"
},
"product_reference": "dlm-kmp-default-4.4.156-94.57.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dlm-kmp-default-4.4.156-94.57.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.x86_64"
},
"product_reference": "dlm-kmp-default-4.4.156-94.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.4.156-94.57.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.ppc64le"
},
"product_reference": "gfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.4.156-94.57.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.s390x"
},
"product_reference": "gfs2-kmp-default-4.4.156-94.57.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gfs2-kmp-default-4.4.156-94.57.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.x86_64"
},
"product_reference": "gfs2-kmp-default-4.4.156-94.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.4.156-94.57.1.ppc64le as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.ppc64le"
},
"product_reference": "ocfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.4.156-94.57.1.s390x as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.s390x"
},
"product_reference": "ocfs2-kmp-default-4.4.156-94.57.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ocfs2-kmp-default-4.4.156-94.57.1.x86_64 as component of SUSE Linux Enterprise High Availability Extension 12 SP3",
"product_id": "SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.x86_64"
},
"product_reference": "ocfs2-kmp-default-4.4.156-94.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Availability Extension 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-4.4.156-94.57.1.noarch as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.156-94.57.1.noarch"
},
"product_reference": "kernel-docs-4.4.156-94.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.4.156-94.57.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.aarch64"
},
"product_reference": "kernel-obs-build-4.4.156-94.57.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.4.156-94.57.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.ppc64le"
},
"product_reference": "kernel-obs-build-4.4.156-94.57.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.4.156-94.57.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.s390x"
},
"product_reference": "kernel-obs-build-4.4.156-94.57.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.4.156-94.57.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP3",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.x86_64"
},
"product_reference": "kernel-obs-build-4.4.156-94.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.156-94.57.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.aarch64"
},
"product_reference": "kernel-default-4.4.156-94.57.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.156-94.57.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le"
},
"product_reference": "kernel-default-4.4.156-94.57.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.156-94.57.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.s390x"
},
"product_reference": "kernel-default-4.4.156-94.57.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.156-94.57.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.x86_64"
},
"product_reference": "kernel-default-4.4.156-94.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.156-94.57.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64"
},
"product_reference": "kernel-default-base-4.4.156-94.57.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.156-94.57.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le"
},
"product_reference": "kernel-default-base-4.4.156-94.57.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.156-94.57.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x"
},
"product_reference": "kernel-default-base-4.4.156-94.57.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.156-94.57.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.156-94.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.156-94.57.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64"
},
"product_reference": "kernel-default-devel-4.4.156-94.57.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.156-94.57.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.4.156-94.57.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.156-94.57.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x"
},
"product_reference": "kernel-default-devel-4.4.156-94.57.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.156-94.57.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.156-94.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.4.156-94.57.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x"
},
"product_reference": "kernel-default-man-4.4.156-94.57.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.156-94.57.1.noarch as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.156-94.57.1.noarch"
},
"product_reference": "kernel-devel-4.4.156-94.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.156-94.57.1.noarch as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.156-94.57.1.noarch"
},
"product_reference": "kernel-macros-4.4.156-94.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.156-94.57.1.noarch as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.156-94.57.1.noarch"
},
"product_reference": "kernel-source-4.4.156-94.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.156-94.57.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64"
},
"product_reference": "kernel-syms-4.4.156-94.57.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.156-94.57.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le"
},
"product_reference": "kernel-syms-4.4.156-94.57.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.156-94.57.1.s390x as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.s390x"
},
"product_reference": "kernel-syms-4.4.156-94.57.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.156-94.57.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3",
"product_id": "SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64"
},
"product_reference": "kernel-syms-4.4.156-94.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.156-94.57.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.aarch64"
},
"product_reference": "kernel-default-4.4.156-94.57.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.156-94.57.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le"
},
"product_reference": "kernel-default-4.4.156-94.57.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.156-94.57.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.s390x"
},
"product_reference": "kernel-default-4.4.156-94.57.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.4.156-94.57.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.x86_64"
},
"product_reference": "kernel-default-4.4.156-94.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.156-94.57.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64"
},
"product_reference": "kernel-default-base-4.4.156-94.57.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.156-94.57.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le"
},
"product_reference": "kernel-default-base-4.4.156-94.57.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.156-94.57.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x"
},
"product_reference": "kernel-default-base-4.4.156-94.57.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.4.156-94.57.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64"
},
"product_reference": "kernel-default-base-4.4.156-94.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.156-94.57.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64"
},
"product_reference": "kernel-default-devel-4.4.156-94.57.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.156-94.57.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le"
},
"product_reference": "kernel-default-devel-4.4.156-94.57.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.156-94.57.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x"
},
"product_reference": "kernel-default-devel-4.4.156-94.57.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.4.156-94.57.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64"
},
"product_reference": "kernel-default-devel-4.4.156-94.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-4.4.156-94.57.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x"
},
"product_reference": "kernel-default-man-4.4.156-94.57.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.4.156-94.57.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.156-94.57.1.noarch"
},
"product_reference": "kernel-devel-4.4.156-94.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.4.156-94.57.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.156-94.57.1.noarch"
},
"product_reference": "kernel-macros-4.4.156-94.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.4.156-94.57.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.156-94.57.1.noarch"
},
"product_reference": "kernel-source-4.4.156-94.57.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.156-94.57.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64"
},
"product_reference": "kernel-syms-4.4.156-94.57.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.156-94.57.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le"
},
"product_reference": "kernel-syms-4.4.156-94.57.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.156-94.57.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.s390x"
},
"product_reference": "kernel-syms-4.4.156-94.57.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.4.156-94.57.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64"
},
"product_reference": "kernel-syms-4.4.156-94.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-4.4.156-94.57.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 12 SP3",
"product_id": "SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64"
},
"product_reference": "kernel-default-extra-4.4.156-94.57.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 12 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-14613",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14613"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in io_ctl_map_page() when mounting and operating a crafted btrfs image, because of a lack of block group item validation in check_leaf_item in fs/btrfs/tree-checker.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14613",
"url": "https://www.suse.com/security/cve/CVE-2018-14613"
},
{
"category": "external",
"summary": "SUSE Bug 1102896 for CVE-2018-14613",
"url": "https://bugzilla.suse.com/1102896"
},
{
"category": "external",
"summary": "SUSE Bug 1103800 for CVE-2018-14613",
"url": "https://bugzilla.suse.com/1103800"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-04T12:01:46Z",
"details": "moderate"
}
],
"title": "CVE-2018-14613"
},
{
"cve": "CVE-2018-14617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14617"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14617",
"url": "https://www.suse.com/security/cve/CVE-2018-14617"
},
{
"category": "external",
"summary": "SUSE Bug 1102870 for CVE-2018-14617",
"url": "https://bugzilla.suse.com/1102870"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-04T12:01:46Z",
"details": "moderate"
}
],
"title": "CVE-2018-14617"
},
{
"cve": "CVE-2018-16276",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16276"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16276",
"url": "https://www.suse.com/security/cve/CVE-2018-16276"
},
{
"category": "external",
"summary": "SUSE Bug 1106095 for CVE-2018-16276",
"url": "https://bugzilla.suse.com/1106095"
},
{
"category": "external",
"summary": "SUSE Bug 1115593 for CVE-2018-16276",
"url": "https://bugzilla.suse.com/1115593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-04T12:01:46Z",
"details": "important"
}
],
"title": "CVE-2018-16276"
},
{
"cve": "CVE-2018-16597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16597"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16597",
"url": "https://www.suse.com/security/cve/CVE-2018-16597"
},
{
"category": "external",
"summary": "SUSE Bug 1106512 for CVE-2018-16597",
"url": "https://bugzilla.suse.com/1106512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-04T12:01:46Z",
"details": "moderate"
}
],
"title": "CVE-2018-16597"
},
{
"cve": "CVE-2018-17182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-17182"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-17182",
"url": "https://www.suse.com/security/cve/CVE-2018-17182"
},
{
"category": "external",
"summary": "SUSE Bug 1108399 for CVE-2018-17182",
"url": "https://bugzilla.suse.com/1108399"
},
{
"category": "external",
"summary": "SUSE Bug 1110233 for CVE-2018-17182",
"url": "https://bugzilla.suse.com/1110233"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-04T12:01:46Z",
"details": "moderate"
}
],
"title": "CVE-2018-17182"
},
{
"cve": "CVE-2018-7480",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-7480"
}
],
"notes": [
{
"category": "general",
"text": "The blkcg_init_queue function in block/blk-cgroup.c in the Linux kernel before 4.11 allows local users to cause a denial of service (double free) or possibly have unspecified other impact by triggering a creation failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-7480",
"url": "https://www.suse.com/security/cve/CVE-2018-7480"
},
{
"category": "external",
"summary": "SUSE Bug 1082863 for CVE-2018-7480",
"url": "https://bugzilla.suse.com/1082863"
},
{
"category": "external",
"summary": "SUSE Bug 1084536 for CVE-2018-7480",
"url": "https://bugzilla.suse.com/1084536"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-04T12:01:46Z",
"details": "moderate"
}
],
"title": "CVE-2018-7480"
},
{
"cve": "CVE-2018-7757",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-7757"
}
],
"notes": [
{
"category": "general",
"text": "Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-7757",
"url": "https://www.suse.com/security/cve/CVE-2018-7757"
},
{
"category": "external",
"summary": "SUSE Bug 1084536 for CVE-2018-7757",
"url": "https://bugzilla.suse.com/1084536"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-7757",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1087209 for CVE-2018-7757",
"url": "https://bugzilla.suse.com/1087209"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2018-7757",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Desktop 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:cluster-md-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:dlm-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:gfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise High Availability Extension 12 SP3:ocfs2-kmp-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-base-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-devel-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-default-man-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-devel-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-macros-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-source-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:kernel-syms-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-docs-4.4.156-94.57.1.noarch",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP3:kernel-obs-build-4.4.156-94.57.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12 SP3:kernel-default-extra-4.4.156-94.57.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-04T12:01:46Z",
"details": "moderate"
}
],
"title": "CVE-2018-7757"
}
]
}
SUSE-SU-2018:3004-1
Vulnerability from csaf_suse - Published: 2018-10-04 12:01 - Updated: 2018-10-04 12:01Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.156 to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-16597: Incorrect access checking in overlayfs mounts could have been
used by local attackers to modify or truncate files in the underlying
filesystem (bnc#1106512).
- CVE-2018-14613: Prevent invalid pointer dereference in io_ctl_map_page() when
mounting and operating a crafted btrfs image, caused by a lack of block group
item validation in check_leaf_item (bsc#1102896)
- CVE-2018-14617: Prevent NULL pointer dereference and panic in
hfsplus_lookup() when opening a file (that is purportedly a hard link) in an
hfs+ filesystem that has malformed catalog data, and is mounted read-only
without a metadata directory (bsc#1102870)
- CVE-2018-16276: Incorrect bounds checking in the yurex USB driver in
yurex_read allowed local attackers to use user access read/writes to crash the
kernel or potentially escalate privileges (bsc#1106095)
- CVE-2018-7757: Memory leak in the sas_smp_get_phy_events function in
drivers/scsi/libsas/sas_expander.c allowed local users to cause a denial of
service (memory consumption) via many read accesses to files in the
/sys/class/sas_phy directory, as demonstrated by the
/sys/class/sas_phy/phy-1:0:12/invalid_dword_count file (bnc#1084536)
- CVE-2018-7480: The blkcg_init_queue function allowed local users to cause a
denial of service (double free) or possibly have unspecified other impact by
triggering a creation failure (bsc#1082863).
- CVE-2018-17182: The vmacache_flush_all function in mm/vmacache.c
mishandled sequence number overflows. An attacker can trigger a
use-after-free (and possibly gain privileges) via certain thread creation,
map, unmap, invalidation, and dereference operations (bnc#1108399).
The following non-security bugs were fixed:
- asm/sections: add helpers to check for section data (bsc#1063026).
- ASoC: wm8994: Fix missing break in switch (bnc#1012382).
- block: bvec_nr_vecs() returns value for wrong slab (bsc#1082979).
- bpf: fix overflow in prog accounting (bsc#1012382).
- btrfs: Add checker for EXTENT_CSUM (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Add sanity check for EXTENT_DATA when reading out leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Check if item pointer overlaps with the item itself (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Check that each block group has corresponding chunk at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Introduce mount time chunk <-> dev extent mapping check (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: Move leaf and node validation checker to tree-checker.c (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized (bnc#1012382).
- btrfs: replace: Reset on-disk dev stats value after replace (bnc#1012382).
- btrfs: scrub: Do not use inode page cache in scrub_handle_errored_block() (bsc#1108096).
- btrfs: tree-checker: Add checker for dir item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Detect invalid and empty essential trees (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Enhance btrfs_check_node output (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Enhance output for btrfs_check_leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Enhance output for check_csum_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Enhance output for check_extent_data_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Fix false panic for sanity test (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Replace root parameter with fs_info (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: tree-checker: Verify block_group_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- btrfs: use correct compare function of dirty_metadata_bytes (bnc#1012382).
- btrfs: Verify that every chunk has corresponding block group at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).
- cifs: check if SMB2 PDU size has been padded and suppress the warning (bnc#1012382).
- crypto: clarify licensing of OpenSSL asm code ().
- crypto: vmx - Remove overly verbose printk from AES XTS init (git-fixes).
- debugobjects: Make stack check warning more informative (bnc#1012382).
- dm kcopyd: avoid softlockup in run_complete_job (bnc#1012382).
- dm-mpath: do not try to access NULL rq (bsc#1110337).
- EDAC: Fix memleak in module init error path (bsc#1109441).
- EDAC, i7core: Fix memleaks and use-after-free on probe and remove (1109441).
- fat: validate ->i_start before using (bnc#1012382).
- Fixes: Commit cdbf92675fad ('mm: numa: avoid waiting on freed migrated pages') (bnc#1012382).
- Follow-up fix for patches.arch/01-jump_label-reduce-the-size-of-struct-static_key-kabi.patch (bsc#1108803).
- fork: do not copy inconsistent signal handler state to child (bnc#1012382).
- fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() (bnc#1012382).
- genirq: Delay incrementing interrupt count if it's disabled/pending (bnc#1012382).
- grow_cache: we still have a code which uses both __GFP_ZERO and constructors. The code seems to be correct and the warning does more harm than good so revert for the the meantime until we catch offenders. (bnc#1110297)
- hfsplus: do not return 0 when fill_super() failed (bnc#1012382).
- hfs: prevent crash on exit from failed search (bnc#1012382).
- ib_srp: Remove WARN_ON in srp_terminate_io() (bsc#1094562).
- ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() (bnc#1012382).
- irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP (bnc#1012382).
- irqchip/gic-v3: Add missing barrier to 32bit version of gic_read_iar() (bnc#1012382).
- kabi protect hnae_ae_ops (bsc#1107924).
- kbuild: make missing $DEPMOD a Warning instead of an Error (bnc#1012382).
- l2tp: cast l2tp traffic counter to unsigned (bsc#1099810).
- mei: me: allow runtime pm for platform with D0i3 (bnc#1012382).
- mfd: sm501: Set coherent_dma_mask when creating subdevices (bnc#1012382).
- mm/fadvise.c: fix signed overflow UBSAN complaint (bnc#1012382).
- net/9p: fix error path of p9_virtio_probe (bnc#1012382).
- net: bcmgenet: use MAC link status for fixed phy (bnc#1012382).
- net: ena: Eliminate duplicate barriers on weakly-ordered archs (bsc#1108240).
- net: ena: fix device destruction to gracefully free resources (bsc#1108240).
- net: ena: fix driver when PAGE_SIZE == 64kB (bsc#1108240).
- net: ena: fix incorrect usage of memory barriers (bsc#1108240).
- net: ena: fix missing calls to READ_ONCE (bsc#1108240).
- net: ena: fix missing lock during device destruction (bsc#1108240).
- net: ena: fix potential double ena_destroy_device() (bsc#1108240).
- net: ena: fix surprise unplug NULL dereference kernel crash (bsc#1108240).
- net: hns: add netif_carrier_off before change speed and duplex (bsc#1107924).
- net: hns: add the code for cleaning pkt in chip (bsc#1107924).
- nvme_fc: add 'nvme_discovery' sysfs attribute to fc transport device (bsc#1044189).
- nvmet: fixup crash on NULL device path (bsc#1082979).
- ovl: modify ovl_permission() to do checks on two inodes (bsc#1106512)
- ovl: proper cleanup of workdir (bnc#1012382).
- ovl: rename is_merge to is_lowest (bnc#1012382).
- PCI: mvebu: Fix I/O space end address calculation (bnc#1012382).
- platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 (bnc#1012382).
- powerpc/64: Do load of PACAKBASE in LOAD_HANDLER (bsc#1094244).
- powerpc/book3s: Fix MCE console messages for unrecoverable MCE (bsc#1094244).
- powerpc/fadump: cleanup crash memory ranges support (bsc#1103269).
- powerpc/fadump: re-register firmware-assisted dump if already registered (bsc#1108170, bsc#1108823).
- powerpc: Fix size calculation using resource_size() (bnc#1012382).
- powerpc/mce: Move 64-bit machine check code into mce.c (bsc#1094244).
- powerpc/perf/hv-24x7: Fix off-by-one error in request_buffer check (git-fixes).
- powerpc/powernv/ioda2: Reduce upper limit for DMA window size (bsc#1066223).
- powerpc/powernv: Rename machine_check_pSeries_early() to powernv (bsc#1094244).
- powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX (bnc#1012382).
- powerpc/pseries: Disable CPU hotplug across migrations (bsc#1066223).
- powerpc/pseries: Remove prrn_work workqueue (bsc#1102495, bsc#1109337).
- powerpc/pseries: Remove unneeded uses of dlpar work queue (bsc#1102495, bsc#1109337).
- powerpc/tm: Fix userspace r13 corruption (bsc#1109333).
- RDMA/rw: Fix rdma_rw_ctx_signature_init() kernel-doc header (bsc#1082979).
- reiserfs: change j_timestamp type to time64_t (bnc#1012382).
- Revert 'ARM: imx_v6_v7_defconfig: Select ULPI support' (bnc#1012382).
- s390/dasd: fix hanging offline processing due to canceled worker (bnc#1012382).
- s390/lib: use expoline for all bcr instructions (LTC#171029 bnc#1012382 bnc#1106934).
- sch_hhf: fix null pointer dereference on init failure (bnc#1012382).
- sch_htb: fix crash on init failure (bnc#1012382).
- sch_multiq: fix double free on init failure (bnc#1012382).
- sch_netem: avoid null pointer deref on init failure (bnc#1012382).
- sch_tbf: fix two null pointer dereferences on init failure (bnc#1012382).
- scripts: modpost: check memory allocation results (bnc#1012382).
- scsi: aic94xx: fix an error code in aic94xx_init() (bnc#1012382).
- scsi: ipr: System hung while dlpar adding primary ipr adapter back (bsc#1109336).
- scsi: qla2xxx: Add changes for devloss timeout in driver (bsc#1084427).
- scsi: qla2xxx: Add FC-NVMe abort processing (bsc#1084427).
- scsi: qla2xxx: Add longer window for chip reset (bsc#1094555).
- scsi: qla2xxx: Avoid double completion of abort command (bsc#1094555).
- scsi: qla2xxx: Cleanup code to improve FC-NVMe error handling (bsc#1084427).
- scsi: qla2xxx: Cleanup for N2N code (bsc#1094555).
- scsi: qla2xxx: correctly shift host byte (bsc#1094555).
- scsi: qla2xxx: Correct setting of SAM_STAT_CHECK_CONDITION (bsc#1094555).
- scsi: qla2xxx: Delete session for nport id change (bsc#1094555).
- scsi: qla2xxx: Fix Async GPN_FT for FCP and FC-NVMe scan (bsc#1084427).
- scsi: qla2xxx: Fix crash on qla2x00_mailbox_command (bsc#1094555).
- scsi: qla2xxx: Fix double free bug after firmware timeout (bsc#1094555).
- scsi: qla2xxx: Fix driver unload by shutting down chip (bsc#1094555).
- scsi: qla2xxx: fix error message on <qla2400 (bsc#1094555).
- scsi: qla2xxx: Fix FC-NVMe IO abort during driver reset (bsc#1084427).
- scsi: qla2xxx: Fix function argument descriptions (bsc#1094555).
- scsi: qla2xxx: Fix Inquiry command being dropped in Target mode (bsc#1094555).
- scsi: qla2xxx: Fix issue reported by static checker for qla2x00_els_dcmd2_sp_done() (bsc#1094555).
- scsi: qla2xxx: Fix login retry count (bsc#1094555).
- scsi: qla2xxx: Fix Management Server NPort handle reservation logic (bsc#1094555).
- scsi: qla2xxx: Fix memory leak for allocating abort IOCB (bsc#1094555).
- scsi: qla2xxx: Fix n2n_ae flag to prevent dev_loss on PDB change (bsc#1084427).
- scsi: qla2xxx: Fix N2N link re-connect (bsc#1094555).
- scsi: qla2xxx: Fix NPIV deletion by calling wait_for_sess_deletion (bsc#1094555).
- scsi: qla2xxx: Fix race between switch cmd completion and timeout (bsc#1094555).
- scsi: qla2xxx: Fix race condition between iocb timeout and initialisation (bsc#1094555).
- scsi: qla2xxx: Fix redundant fc_rport registration (bsc#1094555).
- scsi: qla2xxx: Fix retry for PRLI RJT with reason of BUSY (bsc#1084427).
- scsi: qla2xxx: Fix Rport and session state getting out of sync (bsc#1094555).
- scsi: qla2xxx: Fix sending ADISC command for login (bsc#1094555).
- scsi: qla2xxx: Fix session state stuck in Get Port DB (bsc#1094555).
- scsi: qla2xxx: Fix stalled relogin (bsc#1094555).
- scsi: qla2xxx: Fix TMF and Multi-Queue config (bsc#1094555).
- scsi: qla2xxx: Fix unintended Logout (bsc#1094555).
- scsi: qla2xxx: Fix unintialized List head crash (bsc#1094555).
- scsi: qla2xxx: Flush mailbox commands on chip reset (bsc#1094555).
- scsi: qla2xxx: fx00 copypaste typo (bsc#1094555).
- scsi: qla2xxx: Migrate NVME N2N handling into state machine (bsc#1094555).
- scsi: qla2xxx: Move GPSC and GFPNID out of session management (bsc#1094555).
- scsi: qla2xxx: Prevent relogin loop by removing stale code (bsc#1094555).
- scsi: qla2xxx: Prevent sysfs access when chip is down (bsc#1094555).
- scsi: qla2xxx: Reduce redundant ADISC command for RSCNs (bsc#1094555).
- scsi: qla2xxx: remove irq save in qla2x00_poll() (bsc#1094555).
- scsi: qla2xxx: Remove nvme_done_list (bsc#1084427).
- scsi: qla2xxx: Remove stale debug value for login_retry flag (bsc#1094555).
- scsi: qla2xxx: Remove unneeded message and minor cleanup for FC-NVMe (bsc#1084427).
- scsi: qla2xxx: Restore ZIO threshold setting (bsc#1084427).
- scsi: qla2xxx: Return busy if rport going away (bsc#1084427).
- scsi: qla2xxx: Save frame payload size from ICB (bsc#1094555).
- scsi: qla2xxx: Set IIDMA and fcport state before qla_nvme_register_remote() (bsc#1084427).
- scsi: qla2xxx: Silent erroneous message (bsc#1094555).
- scsi: qla2xxx: Update driver version to 10.00.00.06-k (bsc#1084427).
- scsi: qla2xxx: Update driver version to 10.00.00.07-k (bsc#1094555).
- scsi: qla2xxx: Update driver version to 10.00.00.08-k (bsc#1094555).
- scsi: qla2xxx: Use dma_pool_zalloc() (bsc#1094555).
- scsi: qla2xxx: Use predefined get_datalen_for_atio() inline function (bsc#1094555).
- selftests/powerpc: Kill child processes on SIGINT (bnc#1012382).
- smb3: fix reset of bytes read and written stats (bnc#1012382).
- SMB3: Number of requests sent should be displayed for SMB3 not just CIFS (bnc#1012382).
- staging: android: ion: fix ION_IOC_{MAP,SHARE} use-after-free (bnc#1012382).
- staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice (bnc#1012382).
- tcp: do not restart timewait timer on rst reception (bnc#1012382).
- Update patches.suse/dm-Always-copy-cmd_flags-when-cloning-a-request.patch (bsc#1088087, bsc#1103156).
- usbip: vhci_sysfs: fix potential Spectre v1 (bsc#1096547).
- vti6: remove !skb->ignore_df check from vti6_xmit() (bnc#1012382).
- watchdog: w83627hf_wdt: Add quirk for Inves system (bsc#1106434).
- x86/entry/64: Remove %ebx handling from error_entry/exit (bnc#1102715).
- x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear (bnc#1012382).
- x86/speculation/l1tf: Fix up pte->pfn conversion for PAE (bnc#1012382).
- xen: avoid crash in disable_hotplug_cpu (bsc#1106594).
- xfs: add a new xfs_iext_lookup_extent_before helper (bsc#1095344).
- xfs: add asserts for the mmap lock in xfs_{insert,collapse}_file_space (bsc#1095344).
- xfs: add a xfs_bmap_fork_to_state helper (bsc#1095344).
- xfs: add a xfs_iext_update_extent helper (bsc#1095344).
- xfs: add comments documenting the rebalance algorithm (bsc#1095344).
- xfs: add some comments to xfs_iext_insert/xfs_iext_insert_node (bsc#1095344).
- xfs: add xfs_trim_extent (bsc#1095344).
- xfs: allow unaligned extent records in xfs_bmbt_disk_set_all (bsc#1095344).
- xfs: borrow indirect blocks from freed extent when available (bsc#1095344).
- xfs: cleanup xfs_bmap_last_before (bsc#1095344).
- xfs: do not create overlapping extents in xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: do not rely on extent indices in xfs_bmap_collapse_extents (bsc#1095344).
- xfs: do not rely on extent indices in xfs_bmap_insert_extents (bsc#1095344).
- xfs: do not set XFS_BTCUR_BPRV_WASDEL in xfs_bunmapi (bsc#1095344).
- xfs: during btree split, save new block key and ptr for future insertion (bsc#1095344).
- xfs: factor out a helper to initialize a local format inode fork (bsc#1095344).
- xfs: fix memory leak in xfs_iext_free_last_leaf (bsc#1095344).
- xfs: fix number of records handling in xfs_iext_split_leaf (bsc#1095344).
- xfs: fix transaction allocation deadlock in IO path (bsc#1090535).
- xfs: handle indlen shortage on delalloc extent merge (bsc#1095344).
- xfs: handle zero entries case in xfs_iext_rebalance_leaf (bsc#1095344).
- xfs: improve kmem_realloc (bsc#1095344).
- xfs: inline xfs_shift_file_space into callers (bsc#1095344).
- xfs: introduce the xfs_iext_cursor abstraction (bsc#1095344).
- xfs: iterate over extents in xfs_bmap_extents_to_btree (bsc#1095344).
- xfs: iterate over extents in xfs_iextents_copy (bsc#1095344).
- xfs: make better use of the 'state' variable in xfs_bmap_del_extent_real (bsc#1095344).
- xfs: merge xfs_bmap_read_extents into xfs_iread_extents (bsc#1095344).
- xfs: move pre/post-bmap tracing into xfs_iext_update_extent (bsc#1095344).
- xfs: move some code around inside xfs_bmap_shift_extents (bsc#1095344).
- xfs: move some more code into xfs_bmap_del_extent_real (bsc#1095344).
- xfs: move xfs_bmbt_irec and xfs_exntst_t to xfs_types.h (bsc#1095344).
- xfs: move xfs_iext_insert tracepoint to report useful information (bsc#1095344).
- xfs: new inode extent list lookup helpers (bsc#1095344).
- xfs: only run torn log write detection on dirty logs (bsc#1095753).
- xfs: pass an on-disk extent to xfs_bmbt_validate_extent (bsc#1095344).
- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_lookup_eq (bsc#1095344).
- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_update (bsc#1095344).
- xfs: pass struct xfs_bmbt_irec to xfs_bmbt_validate_extent (bsc#1095344).
- xfs: provide helper for counting extents from if_bytes (bsc#1095344).
- xfs: refactor delalloc accounting in xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: refactor delalloc indlen reservation split into helper (bsc#1095344).
- xfs: refactor dir2 leaf readahead shadow buffer cleverness (bsc#1095344).
- xfs: refactor in-core log state update to helper (bsc#1095753).
- xfs: refactor unmount record detection into helper (bsc#1095753).
- xfs: refactor xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: refactor xfs_bmap_add_extent_hole_delay (bsc#1095344).
- xfs: refactor xfs_bmap_add_extent_hole_real (bsc#1095344).
- xfs: refactor xfs_bmap_add_extent_unwritten_real (bsc#1095344).
- xfs: refactor xfs_bunmapi_cow (bsc#1095344).
- xfs: refactor xfs_del_extent_real (bsc#1095344).
- xfs: remove a duplicate assignment in xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: remove all xfs_bmbt_set_* helpers except for xfs_bmbt_set_all (bsc#1095344).
- xfs: remove a superflous assignment in xfs_iext_remove_node (bsc#1095344).
- xfs: remove if_rdev (bsc#1095344).
- xfs: remove prev argument to xfs_bmapi_reserve_delalloc (bsc#1095344).
- xfs: remove support for inlining data/extents into the inode fork (bsc#1095344).
- xfs: remove the never fully implemented UUID fork format (bsc#1095344).
- xfs: remove the nr_extents argument to xfs_iext_insert (bsc#1095344).
- xfs: remove the nr_extents argument to xfs_iext_remove (bsc#1095344).
- xfs: remove XFS_BMAP_MAX_SHIFT_EXTENTS (bsc#1095344).
- xfs: remove XFS_BMAP_TRACE_EXLIST (bsc#1095344).
- xfs: remove xfs_bmbt_get_state (bsc#1095344).
- xfs: remove xfs_bmse_shift_one (bsc#1095344).
- xfs: rename bno to end in __xfs_bunmapi (bsc#1095344).
- xfs: replace xfs_bmbt_lookup_ge with xfs_bmbt_lookup_first (bsc#1095344).
- xfs: replace xfs_qm_get_rtblks with a direct call to xfs_bmap_count_leaves (bsc#1095344).
- xfs: rewrite getbmap using the xfs_iext_* helpers (bsc#1095344).
- xfs: rewrite xfs_bmap_count_leaves using xfs_iext_get_extent (bsc#1095344).
- xfs: rewrite xfs_bmap_first_unused to make better use of xfs_iext_get_extent (bsc#1095344).
- xfs: separate log head record discovery from verification (bsc#1095753).
- xfs: simplify the xfs_getbmap interface (bsc#1095344).
- xfs: simplify validation of the unwritten extent bit (bsc#1095344).
- xfs: split indlen reservations fairly when under reserved (bsc#1095344).
- xfs: split xfs_bmap_shift_extents (bsc#1095344).
- xfs: switch xfs_bmap_local_to_extents to use xfs_iext_insert (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_delay_real (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_delay (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_real (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_add_extent_unwritten_real (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_collapse_extents (bsc#1095344).
- xfs: treat idx as a cursor in xfs_bmap_del_extent_* (bsc#1095344).
- xfs: update freeblocks counter after extent deletion (bsc#1095344).
- xfs: update got in xfs_bmap_shift_update_extent (bsc#1095344).
- xfs: use a b+tree for the in-core extent list (bsc#1095344).
- xfs: use correct state defines in xfs_bmap_del_extent_{cow,delay} (bsc#1095344).
- xfs: use new extent lookup helpers in xfs_bmapi_read (bsc#1095344).
- xfs: use new extent lookup helpers in xfs_bmapi_write (bsc#1095344).
- xfs: use new extent lookup helpers in __xfs_bunmapi (bsc#1095344).
- xfs: use the state defines in xfs_bmap_del_extent_real (bsc#1095344).
- xfs: use xfs_bmap_del_extent_delay for the data fork as well (bsc#1095344).
- xfs: use xfs_iext_*_extent helpers in xfs_bmap_shift_extents (bsc#1095344).
- xfs: use xfs_iext_*_extent helpers in xfs_bmap_split_extent_at (bsc#1095344).
- xfs: use xfs_iext_get_extent instead of open coding it (bsc#1095344).
- xfs: use xfs_iext_get_extent in xfs_bmap_first_unused (bsc#1095344).
Patchnames: SUSE-SLE-Live-Patching-12-SP3-2018-2135
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
4.4 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.3 (High)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.3 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.7 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
79 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP3 kernel was updated to 4.4.156 to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-16597: Incorrect access checking in overlayfs mounts could have been\n used by local attackers to modify or truncate files in the underlying\n filesystem (bnc#1106512).\n- CVE-2018-14613: Prevent invalid pointer dereference in io_ctl_map_page() when\n mounting and operating a crafted btrfs image, caused by a lack of block group\n item validation in check_leaf_item (bsc#1102896)\n- CVE-2018-14617: Prevent NULL pointer dereference and panic in\n hfsplus_lookup() when opening a file (that is purportedly a hard link) in an\n hfs+ filesystem that has malformed catalog data, and is mounted read-only\n without a metadata directory (bsc#1102870)\n- CVE-2018-16276: Incorrect bounds checking in the yurex USB driver in\n yurex_read allowed local attackers to use user access read/writes to crash the\n kernel or potentially escalate privileges (bsc#1106095)\n- CVE-2018-7757: Memory leak in the sas_smp_get_phy_events function in\n drivers/scsi/libsas/sas_expander.c allowed local users to cause a denial of\n service (memory consumption) via many read accesses to files in the\n /sys/class/sas_phy directory, as demonstrated by the\n /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file (bnc#1084536)\n- CVE-2018-7480: The blkcg_init_queue function allowed local users to cause a\n denial of service (double free) or possibly have unspecified other impact by\n triggering a creation failure (bsc#1082863).\n- CVE-2018-17182: The vmacache_flush_all function in mm/vmacache.c\n mishandled sequence number overflows. An attacker can trigger a\n use-after-free (and possibly gain privileges) via certain thread creation,\n map, unmap, invalidation, and dereference operations (bnc#1108399).\n\nThe following non-security bugs were fixed:\n\n- asm/sections: add helpers to check for section data (bsc#1063026).\n- ASoC: wm8994: Fix missing break in switch (bnc#1012382).\n- block: bvec_nr_vecs() returns value for wrong slab (bsc#1082979).\n- bpf: fix overflow in prog accounting (bsc#1012382).\n- btrfs: Add checker for EXTENT_CSUM (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Add sanity check for EXTENT_DATA when reading out leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Check if item pointer overlaps with the item itself (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Check that each block group has corresponding chunk at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Introduce mount time chunk \u003c-\u003e dev extent mapping check (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: Move leaf and node validation checker to tree-checker.c (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: relocation: Only remove reloc rb_trees if reloc control has been initialized (bnc#1012382).\n- btrfs: replace: Reset on-disk dev stats value after replace (bnc#1012382).\n- btrfs: scrub: Do not use inode page cache in scrub_handle_errored_block() (bsc#1108096).\n- btrfs: tree-checker: Add checker for dir item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Detect invalid and empty essential trees (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Enhance btrfs_check_node output (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Enhance output for btrfs_check_leaf (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Enhance output for check_csum_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Enhance output for check_extent_data_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Fix false panic for sanity test (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Replace root parameter with fs_info (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: use %zu format string for size_t (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: tree-checker: Verify block_group_item (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- btrfs: use correct compare function of dirty_metadata_bytes (bnc#1012382).\n- btrfs: Verify that every chunk has corresponding block group at mount time (bsc#1102882, bsc#1102896, bsc#1102879, bsc#1102877, bsc#1102875,).\n- cifs: check if SMB2 PDU size has been padded and suppress the warning (bnc#1012382).\n- crypto: clarify licensing of OpenSSL asm code ().\n- crypto: vmx - Remove overly verbose printk from AES XTS init (git-fixes).\n- debugobjects: Make stack check warning more informative (bnc#1012382).\n- dm kcopyd: avoid softlockup in run_complete_job (bnc#1012382).\n- dm-mpath: do not try to access NULL rq (bsc#1110337).\n- EDAC: Fix memleak in module init error path (bsc#1109441).\n- EDAC, i7core: Fix memleaks and use-after-free on probe and remove (1109441).\n- fat: validate -\u003ei_start before using (bnc#1012382).\n- Fixes: Commit cdbf92675fad (\u0027mm: numa: avoid waiting on freed migrated pages\u0027) (bnc#1012382).\n- Follow-up fix for patches.arch/01-jump_label-reduce-the-size-of-struct-static_key-kabi.patch (bsc#1108803).\n- fork: do not copy inconsistent signal handler state to child (bnc#1012382).\n- fs/dcache.c: fix kmemcheck splat at take_dentry_name_snapshot() (bnc#1012382).\n- genirq: Delay incrementing interrupt count if it\u0027s disabled/pending (bnc#1012382).\n- grow_cache: we still have a code which uses both __GFP_ZERO and constructors. The code seems to be correct and the warning does more harm than good so revert for the the meantime until we catch offenders. (bnc#1110297) \n- hfsplus: do not return 0 when fill_super() failed (bnc#1012382).\n- hfs: prevent crash on exit from failed search (bnc#1012382).\n- ib_srp: Remove WARN_ON in srp_terminate_io() (bsc#1094562).\n- ipvs: fix race between ip_vs_conn_new() and ip_vs_del_dest() (bnc#1012382).\n- irqchip/bcm7038-l1: Hide cpu offline callback when building for !SMP (bnc#1012382).\n- irqchip/gic-v3: Add missing barrier to 32bit version of gic_read_iar() (bnc#1012382).\n- kabi protect hnae_ae_ops (bsc#1107924).\n- kbuild: make missing $DEPMOD a Warning instead of an Error (bnc#1012382).\n- l2tp: cast l2tp traffic counter to unsigned (bsc#1099810).\n- mei: me: allow runtime pm for platform with D0i3 (bnc#1012382).\n- mfd: sm501: Set coherent_dma_mask when creating subdevices (bnc#1012382).\n- mm/fadvise.c: fix signed overflow UBSAN complaint (bnc#1012382).\n- net/9p: fix error path of p9_virtio_probe (bnc#1012382).\n- net: bcmgenet: use MAC link status for fixed phy (bnc#1012382).\n- net: ena: Eliminate duplicate barriers on weakly-ordered archs (bsc#1108240).\n- net: ena: fix device destruction to gracefully free resources (bsc#1108240).\n- net: ena: fix driver when PAGE_SIZE == 64kB (bsc#1108240).\n- net: ena: fix incorrect usage of memory barriers (bsc#1108240).\n- net: ena: fix missing calls to READ_ONCE (bsc#1108240).\n- net: ena: fix missing lock during device destruction (bsc#1108240).\n- net: ena: fix potential double ena_destroy_device() (bsc#1108240).\n- net: ena: fix surprise unplug NULL dereference kernel crash (bsc#1108240).\n- net: hns: add netif_carrier_off before change speed and duplex (bsc#1107924).\n- net: hns: add the code for cleaning pkt in chip (bsc#1107924).\n- nvme_fc: add \u0027nvme_discovery\u0027 sysfs attribute to fc transport device (bsc#1044189).\n- nvmet: fixup crash on NULL device path (bsc#1082979).\n- ovl: modify ovl_permission() to do checks on two inodes (bsc#1106512)\n- ovl: proper cleanup of workdir (bnc#1012382).\n- ovl: rename is_merge to is_lowest (bnc#1012382).\n- PCI: mvebu: Fix I/O space end address calculation (bnc#1012382).\n- platform/x86: asus-nb-wmi: Add keymap entry for lid flip action on UX360 (bnc#1012382).\n- powerpc/64: Do load of PACAKBASE in LOAD_HANDLER (bsc#1094244).\n- powerpc/book3s: Fix MCE console messages for unrecoverable MCE (bsc#1094244).\n- powerpc/fadump: cleanup crash memory ranges support (bsc#1103269).\n- powerpc/fadump: re-register firmware-assisted dump if already registered (bsc#1108170, bsc#1108823).\n- powerpc: Fix size calculation using resource_size() (bnc#1012382).\n- powerpc/mce: Move 64-bit machine check code into mce.c (bsc#1094244).\n- powerpc/perf/hv-24x7: Fix off-by-one error in request_buffer check (git-fixes).\n- powerpc/powernv/ioda2: Reduce upper limit for DMA window size (bsc#1066223).\n- powerpc/powernv: Rename machine_check_pSeries_early() to powernv (bsc#1094244).\n- powerpc/pseries: Avoid using the size greater than RTAS_ERROR_LOG_MAX (bnc#1012382).\n- powerpc/pseries: Disable CPU hotplug across migrations (bsc#1066223).\n- powerpc/pseries: Remove prrn_work workqueue (bsc#1102495, bsc#1109337).\n- powerpc/pseries: Remove unneeded uses of dlpar work queue (bsc#1102495, bsc#1109337).\n- powerpc/tm: Fix userspace r13 corruption (bsc#1109333).\n- RDMA/rw: Fix rdma_rw_ctx_signature_init() kernel-doc header (bsc#1082979).\n- reiserfs: change j_timestamp type to time64_t (bnc#1012382).\n- Revert \u0027ARM: imx_v6_v7_defconfig: Select ULPI support\u0027 (bnc#1012382).\n- s390/dasd: fix hanging offline processing due to canceled worker (bnc#1012382).\n- s390/lib: use expoline for all bcr instructions (LTC#171029 bnc#1012382 bnc#1106934).\n- sch_hhf: fix null pointer dereference on init failure (bnc#1012382).\n- sch_htb: fix crash on init failure (bnc#1012382).\n- sch_multiq: fix double free on init failure (bnc#1012382).\n- sch_netem: avoid null pointer deref on init failure (bnc#1012382).\n- sch_tbf: fix two null pointer dereferences on init failure (bnc#1012382).\n- scripts: modpost: check memory allocation results (bnc#1012382).\n- scsi: aic94xx: fix an error code in aic94xx_init() (bnc#1012382).\n- scsi: ipr: System hung while dlpar adding primary ipr adapter back (bsc#1109336).\n- scsi: qla2xxx: Add changes for devloss timeout in driver (bsc#1084427).\n- scsi: qla2xxx: Add FC-NVMe abort processing (bsc#1084427).\n- scsi: qla2xxx: Add longer window for chip reset (bsc#1094555).\n- scsi: qla2xxx: Avoid double completion of abort command (bsc#1094555).\n- scsi: qla2xxx: Cleanup code to improve FC-NVMe error handling (bsc#1084427).\n- scsi: qla2xxx: Cleanup for N2N code (bsc#1094555).\n- scsi: qla2xxx: correctly shift host byte (bsc#1094555).\n- scsi: qla2xxx: Correct setting of SAM_STAT_CHECK_CONDITION (bsc#1094555).\n- scsi: qla2xxx: Delete session for nport id change (bsc#1094555).\n- scsi: qla2xxx: Fix Async GPN_FT for FCP and FC-NVMe scan (bsc#1084427).\n- scsi: qla2xxx: Fix crash on qla2x00_mailbox_command (bsc#1094555).\n- scsi: qla2xxx: Fix double free bug after firmware timeout (bsc#1094555).\n- scsi: qla2xxx: Fix driver unload by shutting down chip (bsc#1094555).\n- scsi: qla2xxx: fix error message on \u003cqla2400 (bsc#1094555).\n- scsi: qla2xxx: Fix FC-NVMe IO abort during driver reset (bsc#1084427).\n- scsi: qla2xxx: Fix function argument descriptions (bsc#1094555).\n- scsi: qla2xxx: Fix Inquiry command being dropped in Target mode (bsc#1094555).\n- scsi: qla2xxx: Fix issue reported by static checker for qla2x00_els_dcmd2_sp_done() (bsc#1094555).\n- scsi: qla2xxx: Fix login retry count (bsc#1094555).\n- scsi: qla2xxx: Fix Management Server NPort handle reservation logic (bsc#1094555).\n- scsi: qla2xxx: Fix memory leak for allocating abort IOCB (bsc#1094555).\n- scsi: qla2xxx: Fix n2n_ae flag to prevent dev_loss on PDB change (bsc#1084427).\n- scsi: qla2xxx: Fix N2N link re-connect (bsc#1094555).\n- scsi: qla2xxx: Fix NPIV deletion by calling wait_for_sess_deletion (bsc#1094555).\n- scsi: qla2xxx: Fix race between switch cmd completion and timeout (bsc#1094555).\n- scsi: qla2xxx: Fix race condition between iocb timeout and initialisation (bsc#1094555).\n- scsi: qla2xxx: Fix redundant fc_rport registration (bsc#1094555).\n- scsi: qla2xxx: Fix retry for PRLI RJT with reason of BUSY (bsc#1084427).\n- scsi: qla2xxx: Fix Rport and session state getting out of sync (bsc#1094555).\n- scsi: qla2xxx: Fix sending ADISC command for login (bsc#1094555).\n- scsi: qla2xxx: Fix session state stuck in Get Port DB (bsc#1094555).\n- scsi: qla2xxx: Fix stalled relogin (bsc#1094555).\n- scsi: qla2xxx: Fix TMF and Multi-Queue config (bsc#1094555).\n- scsi: qla2xxx: Fix unintended Logout (bsc#1094555).\n- scsi: qla2xxx: Fix unintialized List head crash (bsc#1094555).\n- scsi: qla2xxx: Flush mailbox commands on chip reset (bsc#1094555).\n- scsi: qla2xxx: fx00 copypaste typo (bsc#1094555).\n- scsi: qla2xxx: Migrate NVME N2N handling into state machine (bsc#1094555).\n- scsi: qla2xxx: Move GPSC and GFPNID out of session management (bsc#1094555).\n- scsi: qla2xxx: Prevent relogin loop by removing stale code (bsc#1094555).\n- scsi: qla2xxx: Prevent sysfs access when chip is down (bsc#1094555).\n- scsi: qla2xxx: Reduce redundant ADISC command for RSCNs (bsc#1094555).\n- scsi: qla2xxx: remove irq save in qla2x00_poll() (bsc#1094555).\n- scsi: qla2xxx: Remove nvme_done_list (bsc#1084427).\n- scsi: qla2xxx: Remove stale debug value for login_retry flag (bsc#1094555).\n- scsi: qla2xxx: Remove unneeded message and minor cleanup for FC-NVMe (bsc#1084427).\n- scsi: qla2xxx: Restore ZIO threshold setting (bsc#1084427).\n- scsi: qla2xxx: Return busy if rport going away (bsc#1084427).\n- scsi: qla2xxx: Save frame payload size from ICB (bsc#1094555).\n- scsi: qla2xxx: Set IIDMA and fcport state before qla_nvme_register_remote() (bsc#1084427).\n- scsi: qla2xxx: Silent erroneous message (bsc#1094555).\n- scsi: qla2xxx: Update driver version to 10.00.00.06-k (bsc#1084427).\n- scsi: qla2xxx: Update driver version to 10.00.00.07-k (bsc#1094555).\n- scsi: qla2xxx: Update driver version to 10.00.00.08-k (bsc#1094555).\n- scsi: qla2xxx: Use dma_pool_zalloc() (bsc#1094555).\n- scsi: qla2xxx: Use predefined get_datalen_for_atio() inline function (bsc#1094555).\n- selftests/powerpc: Kill child processes on SIGINT (bnc#1012382).\n- smb3: fix reset of bytes read and written stats (bnc#1012382).\n- SMB3: Number of requests sent should be displayed for SMB3 not just CIFS (bnc#1012382).\n- staging: android: ion: fix ION_IOC_{MAP,SHARE} use-after-free (bnc#1012382).\n- staging: comedi: ni_mio_common: fix subdevice flags for PFI subdevice (bnc#1012382).\n- tcp: do not restart timewait timer on rst reception (bnc#1012382).\n- Update patches.suse/dm-Always-copy-cmd_flags-when-cloning-a-request.patch (bsc#1088087, bsc#1103156).\n- usbip: vhci_sysfs: fix potential Spectre v1 (bsc#1096547).\n- vti6: remove !skb-\u003eignore_df check from vti6_xmit() (bnc#1012382).\n- watchdog: w83627hf_wdt: Add quirk for Inves system (bsc#1106434).\n- x86/entry/64: Remove %ebx handling from error_entry/exit (bnc#1102715).\n- x86/pae: use 64 bit atomic xchg function in native_ptep_get_and_clear (bnc#1012382).\n- x86/speculation/l1tf: Fix up pte-\u003epfn conversion for PAE (bnc#1012382).\n- xen: avoid crash in disable_hotplug_cpu (bsc#1106594).\n- xfs: add a new xfs_iext_lookup_extent_before helper (bsc#1095344).\n- xfs: add asserts for the mmap lock in xfs_{insert,collapse}_file_space (bsc#1095344).\n- xfs: add a xfs_bmap_fork_to_state helper (bsc#1095344).\n- xfs: add a xfs_iext_update_extent helper (bsc#1095344).\n- xfs: add comments documenting the rebalance algorithm (bsc#1095344).\n- xfs: add some comments to xfs_iext_insert/xfs_iext_insert_node (bsc#1095344).\n- xfs: add xfs_trim_extent (bsc#1095344).\n- xfs: allow unaligned extent records in xfs_bmbt_disk_set_all (bsc#1095344).\n- xfs: borrow indirect blocks from freed extent when available (bsc#1095344).\n- xfs: cleanup xfs_bmap_last_before (bsc#1095344).\n- xfs: do not create overlapping extents in xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: do not rely on extent indices in xfs_bmap_collapse_extents (bsc#1095344).\n- xfs: do not rely on extent indices in xfs_bmap_insert_extents (bsc#1095344).\n- xfs: do not set XFS_BTCUR_BPRV_WASDEL in xfs_bunmapi (bsc#1095344).\n- xfs: during btree split, save new block key and ptr for future insertion (bsc#1095344).\n- xfs: factor out a helper to initialize a local format inode fork (bsc#1095344).\n- xfs: fix memory leak in xfs_iext_free_last_leaf (bsc#1095344).\n- xfs: fix number of records handling in xfs_iext_split_leaf (bsc#1095344).\n- xfs: fix transaction allocation deadlock in IO path (bsc#1090535).\n- xfs: handle indlen shortage on delalloc extent merge (bsc#1095344).\n- xfs: handle zero entries case in xfs_iext_rebalance_leaf (bsc#1095344).\n- xfs: improve kmem_realloc (bsc#1095344).\n- xfs: inline xfs_shift_file_space into callers (bsc#1095344).\n- xfs: introduce the xfs_iext_cursor abstraction (bsc#1095344).\n- xfs: iterate over extents in xfs_bmap_extents_to_btree (bsc#1095344).\n- xfs: iterate over extents in xfs_iextents_copy (bsc#1095344).\n- xfs: make better use of the \u0027state\u0027 variable in xfs_bmap_del_extent_real (bsc#1095344).\n- xfs: merge xfs_bmap_read_extents into xfs_iread_extents (bsc#1095344).\n- xfs: move pre/post-bmap tracing into xfs_iext_update_extent (bsc#1095344).\n- xfs: move some code around inside xfs_bmap_shift_extents (bsc#1095344).\n- xfs: move some more code into xfs_bmap_del_extent_real (bsc#1095344).\n- xfs: move xfs_bmbt_irec and xfs_exntst_t to xfs_types.h (bsc#1095344).\n- xfs: move xfs_iext_insert tracepoint to report useful information (bsc#1095344).\n- xfs: new inode extent list lookup helpers (bsc#1095344).\n- xfs: only run torn log write detection on dirty logs (bsc#1095753).\n- xfs: pass an on-disk extent to xfs_bmbt_validate_extent (bsc#1095344).\n- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_lookup_eq (bsc#1095344).\n- xfs: pass a struct xfs_bmbt_irec to xfs_bmbt_update (bsc#1095344).\n- xfs: pass struct xfs_bmbt_irec to xfs_bmbt_validate_extent (bsc#1095344).\n- xfs: provide helper for counting extents from if_bytes (bsc#1095344).\n- xfs: refactor delalloc accounting in xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: refactor delalloc indlen reservation split into helper (bsc#1095344).\n- xfs: refactor dir2 leaf readahead shadow buffer cleverness (bsc#1095344).\n- xfs: refactor in-core log state update to helper (bsc#1095753).\n- xfs: refactor unmount record detection into helper (bsc#1095753).\n- xfs: refactor xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: refactor xfs_bmap_add_extent_hole_delay (bsc#1095344).\n- xfs: refactor xfs_bmap_add_extent_hole_real (bsc#1095344).\n- xfs: refactor xfs_bmap_add_extent_unwritten_real (bsc#1095344).\n- xfs: refactor xfs_bunmapi_cow (bsc#1095344).\n- xfs: refactor xfs_del_extent_real (bsc#1095344).\n- xfs: remove a duplicate assignment in xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: remove all xfs_bmbt_set_* helpers except for xfs_bmbt_set_all (bsc#1095344).\n- xfs: remove a superflous assignment in xfs_iext_remove_node (bsc#1095344).\n- xfs: remove if_rdev (bsc#1095344).\n- xfs: remove prev argument to xfs_bmapi_reserve_delalloc (bsc#1095344).\n- xfs: remove support for inlining data/extents into the inode fork (bsc#1095344).\n- xfs: remove the never fully implemented UUID fork format (bsc#1095344).\n- xfs: remove the nr_extents argument to xfs_iext_insert (bsc#1095344).\n- xfs: remove the nr_extents argument to xfs_iext_remove (bsc#1095344).\n- xfs: remove XFS_BMAP_MAX_SHIFT_EXTENTS (bsc#1095344).\n- xfs: remove XFS_BMAP_TRACE_EXLIST (bsc#1095344).\n- xfs: remove xfs_bmbt_get_state (bsc#1095344).\n- xfs: remove xfs_bmse_shift_one (bsc#1095344).\n- xfs: rename bno to end in __xfs_bunmapi (bsc#1095344).\n- xfs: replace xfs_bmbt_lookup_ge with xfs_bmbt_lookup_first (bsc#1095344).\n- xfs: replace xfs_qm_get_rtblks with a direct call to xfs_bmap_count_leaves (bsc#1095344).\n- xfs: rewrite getbmap using the xfs_iext_* helpers (bsc#1095344).\n- xfs: rewrite xfs_bmap_count_leaves using xfs_iext_get_extent (bsc#1095344).\n- xfs: rewrite xfs_bmap_first_unused to make better use of xfs_iext_get_extent (bsc#1095344).\n- xfs: separate log head record discovery from verification (bsc#1095753).\n- xfs: simplify the xfs_getbmap interface (bsc#1095344).\n- xfs: simplify validation of the unwritten extent bit (bsc#1095344).\n- xfs: split indlen reservations fairly when under reserved (bsc#1095344).\n- xfs: split xfs_bmap_shift_extents (bsc#1095344).\n- xfs: switch xfs_bmap_local_to_extents to use xfs_iext_insert (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_add_extent_delay_real (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_delay (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_add_extent_hole_real (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_add_extent_unwritten_real (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_collapse_extents (bsc#1095344).\n- xfs: treat idx as a cursor in xfs_bmap_del_extent_* (bsc#1095344).\n- xfs: update freeblocks counter after extent deletion (bsc#1095344).\n- xfs: update got in xfs_bmap_shift_update_extent (bsc#1095344).\n- xfs: use a b+tree for the in-core extent list (bsc#1095344).\n- xfs: use correct state defines in xfs_bmap_del_extent_{cow,delay} (bsc#1095344).\n- xfs: use new extent lookup helpers in xfs_bmapi_read (bsc#1095344).\n- xfs: use new extent lookup helpers in xfs_bmapi_write (bsc#1095344).\n- xfs: use new extent lookup helpers in __xfs_bunmapi (bsc#1095344).\n- xfs: use the state defines in xfs_bmap_del_extent_real (bsc#1095344).\n- xfs: use xfs_bmap_del_extent_delay for the data fork as well (bsc#1095344).\n- xfs: use xfs_iext_*_extent helpers in xfs_bmap_shift_extents (bsc#1095344).\n- xfs: use xfs_iext_*_extent helpers in xfs_bmap_split_extent_at (bsc#1095344).\n- xfs: use xfs_iext_get_extent instead of open coding it (bsc#1095344).\n- xfs: use xfs_iext_get_extent in xfs_bmap_first_unused (bsc#1095344).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Live-Patching-12-SP3-2018-2135",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_3004-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:3004-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183004-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:3004-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-October/004641.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012382",
"url": "https://bugzilla.suse.com/1012382"
},
{
"category": "self",
"summary": "SUSE Bug 1044189",
"url": "https://bugzilla.suse.com/1044189"
},
{
"category": "self",
"summary": "SUSE Bug 1063026",
"url": "https://bugzilla.suse.com/1063026"
},
{
"category": "self",
"summary": "SUSE Bug 1066223",
"url": "https://bugzilla.suse.com/1066223"
},
{
"category": "self",
"summary": "SUSE Bug 1082863",
"url": "https://bugzilla.suse.com/1082863"
},
{
"category": "self",
"summary": "SUSE Bug 1082979",
"url": "https://bugzilla.suse.com/1082979"
},
{
"category": "self",
"summary": "SUSE Bug 1084427",
"url": "https://bugzilla.suse.com/1084427"
},
{
"category": "self",
"summary": "SUSE Bug 1084536",
"url": "https://bugzilla.suse.com/1084536"
},
{
"category": "self",
"summary": "SUSE Bug 1087209",
"url": "https://bugzilla.suse.com/1087209"
},
{
"category": "self",
"summary": "SUSE Bug 1088087",
"url": "https://bugzilla.suse.com/1088087"
},
{
"category": "self",
"summary": "SUSE Bug 1090535",
"url": "https://bugzilla.suse.com/1090535"
},
{
"category": "self",
"summary": "SUSE Bug 1091815",
"url": "https://bugzilla.suse.com/1091815"
},
{
"category": "self",
"summary": "SUSE Bug 1094244",
"url": "https://bugzilla.suse.com/1094244"
},
{
"category": "self",
"summary": "SUSE Bug 1094555",
"url": "https://bugzilla.suse.com/1094555"
},
{
"category": "self",
"summary": "SUSE Bug 1094562",
"url": "https://bugzilla.suse.com/1094562"
},
{
"category": "self",
"summary": "SUSE Bug 1095344",
"url": "https://bugzilla.suse.com/1095344"
},
{
"category": "self",
"summary": "SUSE Bug 1095753",
"url": "https://bugzilla.suse.com/1095753"
},
{
"category": "self",
"summary": "SUSE Bug 1096547",
"url": "https://bugzilla.suse.com/1096547"
},
{
"category": "self",
"summary": "SUSE Bug 1099810",
"url": "https://bugzilla.suse.com/1099810"
},
{
"category": "self",
"summary": "SUSE Bug 1102495",
"url": "https://bugzilla.suse.com/1102495"
},
{
"category": "self",
"summary": "SUSE Bug 1102715",
"url": "https://bugzilla.suse.com/1102715"
},
{
"category": "self",
"summary": "SUSE Bug 1102870",
"url": "https://bugzilla.suse.com/1102870"
},
{
"category": "self",
"summary": "SUSE Bug 1102875",
"url": "https://bugzilla.suse.com/1102875"
},
{
"category": "self",
"summary": "SUSE Bug 1102877",
"url": "https://bugzilla.suse.com/1102877"
},
{
"category": "self",
"summary": "SUSE Bug 1102879",
"url": "https://bugzilla.suse.com/1102879"
},
{
"category": "self",
"summary": "SUSE Bug 1102882",
"url": "https://bugzilla.suse.com/1102882"
},
{
"category": "self",
"summary": "SUSE Bug 1102896",
"url": "https://bugzilla.suse.com/1102896"
},
{
"category": "self",
"summary": "SUSE Bug 1103156",
"url": "https://bugzilla.suse.com/1103156"
},
{
"category": "self",
"summary": "SUSE Bug 1103269",
"url": "https://bugzilla.suse.com/1103269"
},
{
"category": "self",
"summary": "SUSE Bug 1106095",
"url": "https://bugzilla.suse.com/1106095"
},
{
"category": "self",
"summary": "SUSE Bug 1106434",
"url": "https://bugzilla.suse.com/1106434"
},
{
"category": "self",
"summary": "SUSE Bug 1106512",
"url": "https://bugzilla.suse.com/1106512"
},
{
"category": "self",
"summary": "SUSE Bug 1106594",
"url": "https://bugzilla.suse.com/1106594"
},
{
"category": "self",
"summary": "SUSE Bug 1106934",
"url": "https://bugzilla.suse.com/1106934"
},
{
"category": "self",
"summary": "SUSE Bug 1107924",
"url": "https://bugzilla.suse.com/1107924"
},
{
"category": "self",
"summary": "SUSE Bug 1108096",
"url": "https://bugzilla.suse.com/1108096"
},
{
"category": "self",
"summary": "SUSE Bug 1108170",
"url": "https://bugzilla.suse.com/1108170"
},
{
"category": "self",
"summary": "SUSE Bug 1108240",
"url": "https://bugzilla.suse.com/1108240"
},
{
"category": "self",
"summary": "SUSE Bug 1108399",
"url": "https://bugzilla.suse.com/1108399"
},
{
"category": "self",
"summary": "SUSE Bug 1108803",
"url": "https://bugzilla.suse.com/1108803"
},
{
"category": "self",
"summary": "SUSE Bug 1108823",
"url": "https://bugzilla.suse.com/1108823"
},
{
"category": "self",
"summary": "SUSE Bug 1109333",
"url": "https://bugzilla.suse.com/1109333"
},
{
"category": "self",
"summary": "SUSE Bug 1109336",
"url": "https://bugzilla.suse.com/1109336"
},
{
"category": "self",
"summary": "SUSE Bug 1109337",
"url": "https://bugzilla.suse.com/1109337"
},
{
"category": "self",
"summary": "SUSE Bug 1109441",
"url": "https://bugzilla.suse.com/1109441"
},
{
"category": "self",
"summary": "SUSE Bug 1110297",
"url": "https://bugzilla.suse.com/1110297"
},
{
"category": "self",
"summary": "SUSE Bug 1110337",
"url": "https://bugzilla.suse.com/1110337"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14613 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14613/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14617 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14617/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16276 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16276/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16597 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-17182 page",
"url": "https://www.suse.com/security/cve/CVE-2018-17182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-7480 page",
"url": "https://www.suse.com/security/cve/CVE-2018-7480/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-7757 page",
"url": "https://www.suse.com/security/cve/CVE-2018-7757/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2018-10-04T12:01:39Z",
"generator": {
"date": "2018-10-04T12:01:39Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:3004-1",
"initial_release_date": "2018-10-04T12:01:39Z",
"revision_history": [
{
"date": "2018-10-04T12:01:39Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le",
"product": {
"name": "kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le",
"product_id": "kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64",
"product": {
"name": "kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64",
"product_id": "kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12:sp3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le"
},
"product_reference": "kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64 as component of SUSE Linux Enterprise Live Patching 12 SP3",
"product_id": "SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64"
},
"product_reference": "kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12 SP3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-14613",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14613"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in io_ctl_map_page() when mounting and operating a crafted btrfs image, because of a lack of block group item validation in check_leaf_item in fs/btrfs/tree-checker.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14613",
"url": "https://www.suse.com/security/cve/CVE-2018-14613"
},
{
"category": "external",
"summary": "SUSE Bug 1102896 for CVE-2018-14613",
"url": "https://bugzilla.suse.com/1102896"
},
{
"category": "external",
"summary": "SUSE Bug 1103800 for CVE-2018-14613",
"url": "https://bugzilla.suse.com/1103800"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-04T12:01:39Z",
"details": "moderate"
}
],
"title": "CVE-2018-14613"
},
{
"cve": "CVE-2018-14617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14617"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14617",
"url": "https://www.suse.com/security/cve/CVE-2018-14617"
},
{
"category": "external",
"summary": "SUSE Bug 1102870 for CVE-2018-14617",
"url": "https://bugzilla.suse.com/1102870"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-04T12:01:39Z",
"details": "moderate"
}
],
"title": "CVE-2018-14617"
},
{
"cve": "CVE-2018-16276",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16276"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16276",
"url": "https://www.suse.com/security/cve/CVE-2018-16276"
},
{
"category": "external",
"summary": "SUSE Bug 1106095 for CVE-2018-16276",
"url": "https://bugzilla.suse.com/1106095"
},
{
"category": "external",
"summary": "SUSE Bug 1115593 for CVE-2018-16276",
"url": "https://bugzilla.suse.com/1115593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-04T12:01:39Z",
"details": "important"
}
],
"title": "CVE-2018-16276"
},
{
"cve": "CVE-2018-16597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16597"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16597",
"url": "https://www.suse.com/security/cve/CVE-2018-16597"
},
{
"category": "external",
"summary": "SUSE Bug 1106512 for CVE-2018-16597",
"url": "https://bugzilla.suse.com/1106512"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-04T12:01:39Z",
"details": "moderate"
}
],
"title": "CVE-2018-16597"
},
{
"cve": "CVE-2018-17182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-17182"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-17182",
"url": "https://www.suse.com/security/cve/CVE-2018-17182"
},
{
"category": "external",
"summary": "SUSE Bug 1108399 for CVE-2018-17182",
"url": "https://bugzilla.suse.com/1108399"
},
{
"category": "external",
"summary": "SUSE Bug 1110233 for CVE-2018-17182",
"url": "https://bugzilla.suse.com/1110233"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-04T12:01:39Z",
"details": "moderate"
}
],
"title": "CVE-2018-17182"
},
{
"cve": "CVE-2018-7480",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-7480"
}
],
"notes": [
{
"category": "general",
"text": "The blkcg_init_queue function in block/blk-cgroup.c in the Linux kernel before 4.11 allows local users to cause a denial of service (double free) or possibly have unspecified other impact by triggering a creation failure.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-7480",
"url": "https://www.suse.com/security/cve/CVE-2018-7480"
},
{
"category": "external",
"summary": "SUSE Bug 1082863 for CVE-2018-7480",
"url": "https://bugzilla.suse.com/1082863"
},
{
"category": "external",
"summary": "SUSE Bug 1084536 for CVE-2018-7480",
"url": "https://bugzilla.suse.com/1084536"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-04T12:01:39Z",
"details": "moderate"
}
],
"title": "CVE-2018-7480"
},
{
"cve": "CVE-2018-7757",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-7757"
}
],
"notes": [
{
"category": "general",
"text": "Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-7757",
"url": "https://www.suse.com/security/cve/CVE-2018-7757"
},
{
"category": "external",
"summary": "SUSE Bug 1084536 for CVE-2018-7757",
"url": "https://bugzilla.suse.com/1084536"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-7757",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1087209 for CVE-2018-7757",
"url": "https://bugzilla.suse.com/1087209"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2018-7757",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.ppc64le",
"SUSE Linux Enterprise Live Patching 12 SP3:kgraft-patch-4_4_156-94_57-default-1-4.3.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-04T12:01:39Z",
"details": "moderate"
}
],
"title": "CVE-2018-7757"
}
]
}
SUSE-SU-2018:3032-1
Vulnerability from csaf_suse - Published: 2018-10-05 13:22 - Updated: 2018-10-05 13:22Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 12 SP1 LTSS kernel was updated to receive a security fix.
The following security bug was fixed:
- CVE-2018-17182: The vmacache_flush_all function in mm/vmacache.c mishandled sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations (bnc#1108399).
Patchnames: SUSE-SLE-Module-Public-Cloud-12-2018-2163,SUSE-SLE-SERVER-12-SP1-2018-2163
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.107.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.107.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.107.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.107.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.107.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.107.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.107.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.107.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.107.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.107.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.107.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.107.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.107.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.107.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.107.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.107.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.107.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.107.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.107.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.107.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.107.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.107.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_107-default-1-2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_107-xen-1-2.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
9 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP1 LTSS kernel was updated to receive a security fix.\n\nThe following security bug was fixed:\n\n- CVE-2018-17182: The vmacache_flush_all function in mm/vmacache.c mishandled sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations (bnc#1108399).\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Module-Public-Cloud-12-2018-2163,SUSE-SLE-SERVER-12-SP1-2018-2163",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_3032-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:3032-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183032-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:3032-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-October/004646.html"
},
{
"category": "self",
"summary": "SUSE Bug 1108399",
"url": "https://bugzilla.suse.com/1108399"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-17182 page",
"url": "https://www.suse.com/security/cve/CVE-2018-17182/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2018-10-05T13:22:01Z",
"generator": {
"date": "2018-10-05T13:22:01Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:3032-1",
"initial_release_date": "2018-10-05T13:22:01Z",
"revision_history": [
{
"date": "2018-10-05T13:22:01Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-3.12.74-60.64.107.1.noarch",
"product": {
"name": "kernel-devel-3.12.74-60.64.107.1.noarch",
"product_id": "kernel-devel-3.12.74-60.64.107.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-3.12.74-60.64.107.1.noarch",
"product": {
"name": "kernel-macros-3.12.74-60.64.107.1.noarch",
"product_id": "kernel-macros-3.12.74-60.64.107.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-3.12.74-60.64.107.1.noarch",
"product": {
"name": "kernel-source-3.12.74-60.64.107.1.noarch",
"product_id": "kernel-source-3.12.74-60.64.107.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.12.74-60.64.107.1.ppc64le",
"product": {
"name": "kernel-default-3.12.74-60.64.107.1.ppc64le",
"product_id": "kernel-default-3.12.74-60.64.107.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.74-60.64.107.1.ppc64le",
"product": {
"name": "kernel-default-base-3.12.74-60.64.107.1.ppc64le",
"product_id": "kernel-default-base-3.12.74-60.64.107.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.74-60.64.107.1.ppc64le",
"product": {
"name": "kernel-default-devel-3.12.74-60.64.107.1.ppc64le",
"product_id": "kernel-default-devel-3.12.74-60.64.107.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.74-60.64.107.1.ppc64le",
"product": {
"name": "kernel-syms-3.12.74-60.64.107.1.ppc64le",
"product_id": "kernel-syms-3.12.74-60.64.107.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.12.74-60.64.107.1.s390x",
"product": {
"name": "kernel-default-3.12.74-60.64.107.1.s390x",
"product_id": "kernel-default-3.12.74-60.64.107.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.74-60.64.107.1.s390x",
"product": {
"name": "kernel-default-base-3.12.74-60.64.107.1.s390x",
"product_id": "kernel-default-base-3.12.74-60.64.107.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.74-60.64.107.1.s390x",
"product": {
"name": "kernel-default-devel-3.12.74-60.64.107.1.s390x",
"product_id": "kernel-default-devel-3.12.74-60.64.107.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-3.12.74-60.64.107.1.s390x",
"product": {
"name": "kernel-default-man-3.12.74-60.64.107.1.s390x",
"product_id": "kernel-default-man-3.12.74-60.64.107.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.74-60.64.107.1.s390x",
"product": {
"name": "kernel-syms-3.12.74-60.64.107.1.s390x",
"product_id": "kernel-syms-3.12.74-60.64.107.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-ec2-3.12.74-60.64.107.1.x86_64",
"product": {
"name": "kernel-ec2-3.12.74-60.64.107.1.x86_64",
"product_id": "kernel-ec2-3.12.74-60.64.107.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-devel-3.12.74-60.64.107.1.x86_64",
"product": {
"name": "kernel-ec2-devel-3.12.74-60.64.107.1.x86_64",
"product_id": "kernel-ec2-devel-3.12.74-60.64.107.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-extra-3.12.74-60.64.107.1.x86_64",
"product": {
"name": "kernel-ec2-extra-3.12.74-60.64.107.1.x86_64",
"product_id": "kernel-ec2-extra-3.12.74-60.64.107.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-3.12.74-60.64.107.1.x86_64",
"product": {
"name": "kernel-default-3.12.74-60.64.107.1.x86_64",
"product_id": "kernel-default-3.12.74-60.64.107.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.74-60.64.107.1.x86_64",
"product": {
"name": "kernel-default-base-3.12.74-60.64.107.1.x86_64",
"product_id": "kernel-default-base-3.12.74-60.64.107.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.74-60.64.107.1.x86_64",
"product": {
"name": "kernel-default-devel-3.12.74-60.64.107.1.x86_64",
"product_id": "kernel-default-devel-3.12.74-60.64.107.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.74-60.64.107.1.x86_64",
"product": {
"name": "kernel-syms-3.12.74-60.64.107.1.x86_64",
"product_id": "kernel-syms-3.12.74-60.64.107.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.12.74-60.64.107.1.x86_64",
"product": {
"name": "kernel-xen-3.12.74-60.64.107.1.x86_64",
"product_id": "kernel-xen-3.12.74-60.64.107.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.12.74-60.64.107.1.x86_64",
"product": {
"name": "kernel-xen-base-3.12.74-60.64.107.1.x86_64",
"product_id": "kernel-xen-base-3.12.74-60.64.107.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.12.74-60.64.107.1.x86_64",
"product": {
"name": "kernel-xen-devel-3.12.74-60.64.107.1.x86_64",
"product_id": "kernel-xen-devel-3.12.74-60.64.107.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_74-60_64_107-default-1-2.3.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_74-60_64_107-default-1-2.3.1.x86_64",
"product_id": "kgraft-patch-3_12_74-60_64_107-default-1-2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_74-60_64_107-xen-1-2.3.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_74-60_64_107-xen-1-2.3.1.x86_64",
"product_id": "kgraft-patch-3_12_74-60_64_107-xen-1-2.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-3.12.74-60.64.107.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.107.1.x86_64"
},
"product_reference": "kernel-ec2-3.12.74-60.64.107.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-devel-3.12.74-60.64.107.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.107.1.x86_64"
},
"product_reference": "kernel-ec2-devel-3.12.74-60.64.107.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-extra-3.12.74-60.64.107.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.107.1.x86_64"
},
"product_reference": "kernel-ec2-extra-3.12.74-60.64.107.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.74-60.64.107.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.107.1.ppc64le"
},
"product_reference": "kernel-default-3.12.74-60.64.107.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.74-60.64.107.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.107.1.s390x"
},
"product_reference": "kernel-default-3.12.74-60.64.107.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.74-60.64.107.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.107.1.x86_64"
},
"product_reference": "kernel-default-3.12.74-60.64.107.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.74-60.64.107.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.107.1.ppc64le"
},
"product_reference": "kernel-default-base-3.12.74-60.64.107.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.74-60.64.107.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.107.1.s390x"
},
"product_reference": "kernel-default-base-3.12.74-60.64.107.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.74-60.64.107.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.107.1.x86_64"
},
"product_reference": "kernel-default-base-3.12.74-60.64.107.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.74-60.64.107.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.107.1.ppc64le"
},
"product_reference": "kernel-default-devel-3.12.74-60.64.107.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.74-60.64.107.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.107.1.s390x"
},
"product_reference": "kernel-default-devel-3.12.74-60.64.107.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.74-60.64.107.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.107.1.x86_64"
},
"product_reference": "kernel-default-devel-3.12.74-60.64.107.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-3.12.74-60.64.107.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.107.1.s390x"
},
"product_reference": "kernel-default-man-3.12.74-60.64.107.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-3.12.74-60.64.107.1.noarch as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.107.1.noarch"
},
"product_reference": "kernel-devel-3.12.74-60.64.107.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-3.12.74-60.64.107.1.noarch as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.107.1.noarch"
},
"product_reference": "kernel-macros-3.12.74-60.64.107.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.12.74-60.64.107.1.noarch as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.107.1.noarch"
},
"product_reference": "kernel-source-3.12.74-60.64.107.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.74-60.64.107.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.107.1.ppc64le"
},
"product_reference": "kernel-syms-3.12.74-60.64.107.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.74-60.64.107.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.107.1.s390x"
},
"product_reference": "kernel-syms-3.12.74-60.64.107.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.74-60.64.107.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.107.1.x86_64"
},
"product_reference": "kernel-syms-3.12.74-60.64.107.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.12.74-60.64.107.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.107.1.x86_64"
},
"product_reference": "kernel-xen-3.12.74-60.64.107.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.12.74-60.64.107.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.107.1.x86_64"
},
"product_reference": "kernel-xen-base-3.12.74-60.64.107.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.12.74-60.64.107.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.107.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.12.74-60.64.107.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_107-default-1-2.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_107-default-1-2.3.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_107-default-1-2.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_107-xen-1-2.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_107-xen-1-2.3.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_107-xen-1-2.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-17182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-17182"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.107.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.107.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.107.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.107.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.107.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.107.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.107.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.107.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.107.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.107.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.107.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.107.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_107-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_107-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-17182",
"url": "https://www.suse.com/security/cve/CVE-2018-17182"
},
{
"category": "external",
"summary": "SUSE Bug 1108399 for CVE-2018-17182",
"url": "https://bugzilla.suse.com/1108399"
},
{
"category": "external",
"summary": "SUSE Bug 1110233 for CVE-2018-17182",
"url": "https://bugzilla.suse.com/1110233"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.107.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.107.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.107.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.107.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.107.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.107.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.107.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.107.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.107.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.107.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.107.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.107.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_107-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_107-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.107.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.107.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.107.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.107.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.107.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.107.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.107.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.107.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.107.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.107.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.107.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.107.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_107-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_107-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-05T13:22:01Z",
"details": "moderate"
}
],
"title": "CVE-2018-17182"
}
]
}
SUSE-SU-2018:3032-2
Vulnerability from csaf_suse - Published: 2019-03-22 09:42 - Updated: 2019-03-22 09:42Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 12 SP1 LTSS kernel was updated to receive a security fix.
The following security bug was fixed:
- CVE-2018-17182: The vmacache_flush_all function in mm/vmacache.c mishandled sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations (bnc#1108399).
Patchnames: SUSE-SLE-SAP-12-SP1-2019-526
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.107.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.107.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.107.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.107.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.107.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.107.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.107.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.107.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.107.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.107.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_107-default-1-2.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_107-xen-1-2.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
9 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 SP1 LTSS kernel was updated to receive a security fix.\n\nThe following security bug was fixed:\n\n- CVE-2018-17182: The vmacache_flush_all function in mm/vmacache.c mishandled sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations (bnc#1108399).\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-SAP-12-SP1-2019-526",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_3032-2.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:3032-2",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183032-2/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:3032-2",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2019-March/005220.html"
},
{
"category": "self",
"summary": "SUSE Bug 1108399",
"url": "https://bugzilla.suse.com/1108399"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-17182 page",
"url": "https://www.suse.com/security/cve/CVE-2018-17182/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2019-03-22T09:42:51Z",
"generator": {
"date": "2019-03-22T09:42:51Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:3032-2",
"initial_release_date": "2019-03-22T09:42:51Z",
"revision_history": [
{
"date": "2019-03-22T09:42:51Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-3.12.74-60.64.107.1.noarch",
"product": {
"name": "kernel-devel-3.12.74-60.64.107.1.noarch",
"product_id": "kernel-devel-3.12.74-60.64.107.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-3.12.74-60.64.107.1.noarch",
"product": {
"name": "kernel-macros-3.12.74-60.64.107.1.noarch",
"product_id": "kernel-macros-3.12.74-60.64.107.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-3.12.74-60.64.107.1.noarch",
"product": {
"name": "kernel-source-3.12.74-60.64.107.1.noarch",
"product_id": "kernel-source-3.12.74-60.64.107.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.12.74-60.64.107.1.x86_64",
"product": {
"name": "kernel-default-3.12.74-60.64.107.1.x86_64",
"product_id": "kernel-default-3.12.74-60.64.107.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.74-60.64.107.1.x86_64",
"product": {
"name": "kernel-default-base-3.12.74-60.64.107.1.x86_64",
"product_id": "kernel-default-base-3.12.74-60.64.107.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.74-60.64.107.1.x86_64",
"product": {
"name": "kernel-default-devel-3.12.74-60.64.107.1.x86_64",
"product_id": "kernel-default-devel-3.12.74-60.64.107.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.74-60.64.107.1.x86_64",
"product": {
"name": "kernel-syms-3.12.74-60.64.107.1.x86_64",
"product_id": "kernel-syms-3.12.74-60.64.107.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.12.74-60.64.107.1.x86_64",
"product": {
"name": "kernel-xen-3.12.74-60.64.107.1.x86_64",
"product_id": "kernel-xen-3.12.74-60.64.107.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.12.74-60.64.107.1.x86_64",
"product": {
"name": "kernel-xen-base-3.12.74-60.64.107.1.x86_64",
"product_id": "kernel-xen-base-3.12.74-60.64.107.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.12.74-60.64.107.1.x86_64",
"product": {
"name": "kernel-xen-devel-3.12.74-60.64.107.1.x86_64",
"product_id": "kernel-xen-devel-3.12.74-60.64.107.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_74-60_64_107-default-1-2.3.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_74-60_64_107-default-1-2.3.1.x86_64",
"product_id": "kgraft-patch-3_12_74-60_64_107-default-1-2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_74-60_64_107-xen-1-2.3.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_74-60_64_107-xen-1-2.3.1.x86_64",
"product_id": "kgraft-patch-3_12_74-60_64_107-xen-1-2.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.74-60.64.107.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.107.1.x86_64"
},
"product_reference": "kernel-default-3.12.74-60.64.107.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.74-60.64.107.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.107.1.x86_64"
},
"product_reference": "kernel-default-base-3.12.74-60.64.107.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.74-60.64.107.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.107.1.x86_64"
},
"product_reference": "kernel-default-devel-3.12.74-60.64.107.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-3.12.74-60.64.107.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.107.1.noarch"
},
"product_reference": "kernel-devel-3.12.74-60.64.107.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-3.12.74-60.64.107.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.107.1.noarch"
},
"product_reference": "kernel-macros-3.12.74-60.64.107.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.12.74-60.64.107.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.107.1.noarch"
},
"product_reference": "kernel-source-3.12.74-60.64.107.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.74-60.64.107.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.107.1.x86_64"
},
"product_reference": "kernel-syms-3.12.74-60.64.107.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.12.74-60.64.107.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.107.1.x86_64"
},
"product_reference": "kernel-xen-3.12.74-60.64.107.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.12.74-60.64.107.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.107.1.x86_64"
},
"product_reference": "kernel-xen-base-3.12.74-60.64.107.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.12.74-60.64.107.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.107.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.12.74-60.64.107.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_107-default-1-2.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_107-default-1-2.3.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_107-default-1-2.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_107-xen-1-2.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_107-xen-1-2.3.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_107-xen-1-2.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-17182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-17182"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.107.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.107.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.107.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_107-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_107-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-17182",
"url": "https://www.suse.com/security/cve/CVE-2018-17182"
},
{
"category": "external",
"summary": "SUSE Bug 1108399 for CVE-2018-17182",
"url": "https://bugzilla.suse.com/1108399"
},
{
"category": "external",
"summary": "SUSE Bug 1110233 for CVE-2018-17182",
"url": "https://bugzilla.suse.com/1110233"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.107.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.107.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.107.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_107-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_107-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.107.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.107.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.107.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.107.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_107-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_107-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-22T09:42:51Z",
"details": "moderate"
}
],
"title": "CVE-2018-17182"
}
]
}
SUSE-SU-2018:3083-1
Vulnerability from csaf_suse - Published: 2018-10-09 11:15 - Updated: 2018-10-09 11:15Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The SUSE Linux Enterprise 12 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-14634: Prevent integer overflow in create_elf_tables that allowed a
local attacker to exploit this vulnerability via a SUID-root binary and obtain
full root privileges (bsc#1108912)
- CVE-2018-14617: Prevent NULL pointer dereference and panic in
hfsplus_lookup() when opening a file (that is purportedly a hard link) in an
hfs+ filesystem that has malformed catalog data, and is mounted read-only
without a metadata directory (bsc#1102870)
- CVE-2018-16276: Incorrect bounds checking in the yurex USB driver in
yurex_read allowed local attackers to use user access read/writes to crash the
kernel or potentially escalate privileges (bsc#1106095)
- CVE-2018-12896: Prevent integer overflow in the POSIX timer code that was
caused by the way the overrun accounting works. Depending on interval and
expiry time values, the overrun can be larger than INT_MAX, but the accounting
is int based. This basically made the accounting values, which are visible to
user space via timer_getoverrun(2) and siginfo::si_overrun, random. This
allowed a local user to cause a denial of service (signed integer overflow) via
crafted mmap, futex, timer_create, and timer_settime system calls (bnc#1099922)
- CVE-2018-13093: Prevent NULL pointer dereference and panic in lookup_slow()
on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image.
This occured because of a lack of proper validation that cached inodes are free
during allocation (bnc#1100001)
- CVE-2018-10940: The cdrom_ioctl_media_changed function allowed local
attackers to use a incorrect bounds check in the CDROM driver
CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903)
- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that
could have been used by local attackers to read kernel memory (bnc#1107689)
- CVE-2018-6555: The irda_setsockopt function allowed local users to cause a
denial of service (ias_object use-after-free and system crash) or possibly have
unspecified other impact via an AF_IRDA socket (bnc#1106511)
- CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed
local users to cause a denial of service (memory consumption) by repeatedly
binding an AF_IRDA socket (bnc#1106509)
- CVE-2018-10853: The KVM hypervisor did not check current privilege(CPL) level
while emulating unprivileged instructions. An unprivileged guest user/process
could have used this flaw to potentially escalate privileges inside guest
(bsc#1097104)
- CVE-2018-10902: Protect against concurrent access to prevent double realloc
(double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(). A
malicious local attacker could have used this for privilege escalation
(bnc#1105322).
- CVE-2018-10879: A local user could have caused a use-after-free in
ext4_xattr_set_entry function and a denial of service or unspecified other
impact by renaming a file in a crafted ext4 filesystem image (bsc#1099844)
- CVE-2018-10883: A local user could have caused an out-of-bounds write in
jbd2_journal_dirty_metadata(), a denial of service, and a system crash by
mounting and operating on a crafted ext4 filesystem image (bsc#1099863)
- CVE-2018-10880: Prevent stack-out-of-bounds write in the ext4 filesystem code
when mounting and writing to a crafted ext4 image in ext4_update_inline_data().
An attacker could have used this to cause a system crash and a denial of
service (bsc#1099845)
- CVE-2018-10882: A local user could have caused an out-of-bound write, a
denial of service, and a system crash by unmounting a crafted ext4 filesystem
image (bsc#1099849)
- CVE-2018-10881: A local user could have caused an out-of-bound access in
ext4_get_group_info function, a denial of service, and a system crash by
mounting and operating on a crafted ext4 filesystem image (bsc#1099864)
- CVE-2018-10877: Prevent out-of-bound access in the ext4_ext_drop_refs()
function when operating on a crafted ext4 filesystem image (bsc#1099846)
- CVE-2018-10876: A use-after-free was possible in ext4_ext_remove_space()
function when mounting and operating a crafted ext4 image (bsc#1099811)
- CVE-2018-10878: A local user could have caused an out-of-bounds write and a
denial of service or unspecified other impact by mounting and operating a
crafted ext4 filesystem image (bsc#1099813)
- CVE-2018-17182: An issue was discovered in the Linux kernel The
vmacache_flush_all function in mm/vmacache.c mishandled sequence number
overflows. An attacker can trigger a use-after-free (and possibly gain
privileges) via certain thread creation, map, unmap, invalidation,
and dereference operations (bnc#1108399).
The following non-security bugs were fixed:
- bcache: avoid unncessary cache prefetch bch_btree_node_get().
- bcache: calculate the number of incremental GC nodes according to the total of btree nodes.
- bcache: display rate debug parameters to 0 when writeback is not running.
- bcache: do not check return value of debugfs_create_dir().
- bcache: finish incremental GC.
- bcache: fix error setting writeback_rate through sysfs interface (bsc#1064232).
- bcache: fix I/O significant decline while backend devices registering.
- bcache: free heap cache_set->flush_btree in bch_journal_free.
- bcache: make the pr_err statement used for ENOENT only in sysfs_attatch section.
- bcache: release dc->writeback_lock properly in bch_writeback_thread().
- bcache: set max writeback rate when I/O request is idle (bsc#1064232).
- bcache: simplify the calculation of the total amount of flash dirty data.
- Do not report CPU affected by L1TF when ARCH_CAP_RDCL_NO bit is set (bsc#1104906).
- ext4: check for allocation block validity with block group locked (bsc#1104495).
- ext4: do not update checksum of new initialized bitmaps (bnc#1012382).
- ext4: fix check to prevent initializing reserved inodes (bsc#1104319).
- ext4: fix false negatives *and* false positives in ext4_check_descriptors() (bsc#1103445).
- kABI: protect struct x86_emulate_ops (kabi).
- KEYS: prevent creating a different user's keyrings (bnc#1065999).
- KVM: MMU: always terminate page walks at level 1 (bsc#1062604).
- KVM: MMU: simplify last_pte_bitmap (bsc#1062604).
- KVM: nVMX: update last_nonleaf_level when initializing nested EPT (bsc#1062604).
- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).
- KVM: VMX: Work around kABI breakage in 'enum vmx_l1d_flush_state' (bsc#1106369).
- updated sssbd handling (bsc#1093215, bsc#1105412).
- usbip: vhci_sysfs: fix potential Spectre v1 (bsc#1096547).
- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (bsc#1106369).
- sched/sysctl: Check user input value of sysctl_sched_time_avg (bsc#1100089).
Patchnames: SUSE-SLE-Module-Public-Cloud-12-2018-2185,SUSE-SLE-SERVER-12-2018-2185
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
8.4 (High)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.7 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.6 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.6 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
6.2 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
6.1 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.3 (High)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
4 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
4.4 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
121 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise 12 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-14634: Prevent integer overflow in create_elf_tables that allowed a\n local attacker to exploit this vulnerability via a SUID-root binary and obtain\n full root privileges (bsc#1108912)\n- CVE-2018-14617: Prevent NULL pointer dereference and panic in\n hfsplus_lookup() when opening a file (that is purportedly a hard link) in an\n hfs+ filesystem that has malformed catalog data, and is mounted read-only\n without a metadata directory (bsc#1102870)\n- CVE-2018-16276: Incorrect bounds checking in the yurex USB driver in\n yurex_read allowed local attackers to use user access read/writes to crash the\n kernel or potentially escalate privileges (bsc#1106095)\n- CVE-2018-12896: Prevent integer overflow in the POSIX timer code that was\n caused by the way the overrun accounting works. Depending on interval and\n expiry time values, the overrun can be larger than INT_MAX, but the accounting\n is int based. This basically made the accounting values, which are visible to\n user space via timer_getoverrun(2) and siginfo::si_overrun, random. This\n allowed a local user to cause a denial of service (signed integer overflow) via\n crafted mmap, futex, timer_create, and timer_settime system calls (bnc#1099922)\n- CVE-2018-13093: Prevent NULL pointer dereference and panic in lookup_slow()\n on a NULL inode-\u003ei_ops pointer when doing pathwalks on a corrupted xfs image.\n This occured because of a lack of proper validation that cached inodes are free\n during allocation (bnc#1100001)\n- CVE-2018-10940: The cdrom_ioctl_media_changed function allowed local\n attackers to use a incorrect bounds check in the CDROM driver\n CDROM_MEDIA_CHANGED ioctl to read out kernel memory (bsc#1092903)\n- CVE-2018-16658: Prevent information leak in cdrom_ioctl_drive_status that\n could have been used by local attackers to read kernel memory (bnc#1107689)\n- CVE-2018-6555: The irda_setsockopt function allowed local users to cause a\n denial of service (ias_object use-after-free and system crash) or possibly have\n unspecified other impact via an AF_IRDA socket (bnc#1106511)\n- CVE-2018-6554: Prevent memory leak in the irda_bind function that allowed\n local users to cause a denial of service (memory consumption) by repeatedly\n binding an AF_IRDA socket (bnc#1106509)\n- CVE-2018-10853: The KVM hypervisor did not check current privilege(CPL) level\n while emulating unprivileged instructions. An unprivileged guest user/process\n could have used this flaw to potentially escalate privileges inside guest\n (bsc#1097104)\n- CVE-2018-10902: Protect against concurrent access to prevent double realloc\n (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status(). A\n malicious local attacker could have used this for privilege escalation\n (bnc#1105322).\n- CVE-2018-10879: A local user could have caused a use-after-free in\n ext4_xattr_set_entry function and a denial of service or unspecified other\n impact by renaming a file in a crafted ext4 filesystem image (bsc#1099844)\n- CVE-2018-10883: A local user could have caused an out-of-bounds write in\n jbd2_journal_dirty_metadata(), a denial of service, and a system crash by\n mounting and operating on a crafted ext4 filesystem image (bsc#1099863)\n- CVE-2018-10880: Prevent stack-out-of-bounds write in the ext4 filesystem code\n when mounting and writing to a crafted ext4 image in ext4_update_inline_data().\n An attacker could have used this to cause a system crash and a denial of\n service (bsc#1099845)\n- CVE-2018-10882: A local user could have caused an out-of-bound write, a\n denial of service, and a system crash by unmounting a crafted ext4 filesystem\n image (bsc#1099849)\n- CVE-2018-10881: A local user could have caused an out-of-bound access in\n ext4_get_group_info function, a denial of service, and a system crash by\n mounting and operating on a crafted ext4 filesystem image (bsc#1099864)\n- CVE-2018-10877: Prevent out-of-bound access in the ext4_ext_drop_refs()\n function when operating on a crafted ext4 filesystem image (bsc#1099846)\n- CVE-2018-10876: A use-after-free was possible in ext4_ext_remove_space()\n function when mounting and operating a crafted ext4 image (bsc#1099811)\n- CVE-2018-10878: A local user could have caused an out-of-bounds write and a\n denial of service or unspecified other impact by mounting and operating a\n crafted ext4 filesystem image (bsc#1099813)\n- CVE-2018-17182: An issue was discovered in the Linux kernel The\n vmacache_flush_all function in mm/vmacache.c mishandled sequence number\n overflows. An attacker can trigger a use-after-free (and possibly gain\n privileges) via certain thread creation, map, unmap, invalidation,\n and dereference operations (bnc#1108399).\n\nThe following non-security bugs were fixed:\n\n- bcache: avoid unncessary cache prefetch bch_btree_node_get().\n- bcache: calculate the number of incremental GC nodes according to the total of btree nodes.\n- bcache: display rate debug parameters to 0 when writeback is not running.\n- bcache: do not check return value of debugfs_create_dir().\n- bcache: finish incremental GC.\n- bcache: fix error setting writeback_rate through sysfs interface (bsc#1064232).\n- bcache: fix I/O significant decline while backend devices registering.\n- bcache: free heap cache_set-\u003eflush_btree in bch_journal_free.\n- bcache: make the pr_err statement used for ENOENT only in sysfs_attatch section.\n- bcache: release dc-\u003ewriteback_lock properly in bch_writeback_thread().\n- bcache: set max writeback rate when I/O request is idle (bsc#1064232).\n- bcache: simplify the calculation of the total amount of flash dirty data.\n- Do not report CPU affected by L1TF when ARCH_CAP_RDCL_NO bit is set (bsc#1104906).\n- ext4: check for allocation block validity with block group locked (bsc#1104495).\n- ext4: do not update checksum of new initialized bitmaps (bnc#1012382).\n- ext4: fix check to prevent initializing reserved inodes (bsc#1104319).\n- ext4: fix false negatives *and* false positives in ext4_check_descriptors() (bsc#1103445).\n- kABI: protect struct x86_emulate_ops (kabi).\n- KEYS: prevent creating a different user\u0027s keyrings (bnc#1065999).\n- KVM: MMU: always terminate page walks at level 1 (bsc#1062604).\n- KVM: MMU: simplify last_pte_bitmap (bsc#1062604).\n- KVM: nVMX: update last_nonleaf_level when initializing nested EPT (bsc#1062604).\n- KVM: VMX: fixes for vmentry_l1d_flush module parameter (bsc#1106369).\n- KVM: VMX: Work around kABI breakage in \u0027enum vmx_l1d_flush_state\u0027 (bsc#1106369).\n- updated sssbd handling (bsc#1093215, bsc#1105412).\n- usbip: vhci_sysfs: fix potential Spectre v1 (bsc#1096547).\n- x86/speculation: Use ARCH_CAPABILITIES to skip L1D flush on vmentry (bsc#1106369).\n- sched/sysctl: Check user input value of sysctl_sched_time_avg (bsc#1100089).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Module-Public-Cloud-12-2018-2185,SUSE-SLE-SERVER-12-2018-2185",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_3083-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:3083-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20183083-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:3083-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-October/004659.html"
},
{
"category": "self",
"summary": "SUSE Bug 1012382",
"url": "https://bugzilla.suse.com/1012382"
},
{
"category": "self",
"summary": "SUSE Bug 1062604",
"url": "https://bugzilla.suse.com/1062604"
},
{
"category": "self",
"summary": "SUSE Bug 1064232",
"url": "https://bugzilla.suse.com/1064232"
},
{
"category": "self",
"summary": "SUSE Bug 1065999",
"url": "https://bugzilla.suse.com/1065999"
},
{
"category": "self",
"summary": "SUSE Bug 1092903",
"url": "https://bugzilla.suse.com/1092903"
},
{
"category": "self",
"summary": "SUSE Bug 1093215",
"url": "https://bugzilla.suse.com/1093215"
},
{
"category": "self",
"summary": "SUSE Bug 1096547",
"url": "https://bugzilla.suse.com/1096547"
},
{
"category": "self",
"summary": "SUSE Bug 1097104",
"url": "https://bugzilla.suse.com/1097104"
},
{
"category": "self",
"summary": "SUSE Bug 1099811",
"url": "https://bugzilla.suse.com/1099811"
},
{
"category": "self",
"summary": "SUSE Bug 1099813",
"url": "https://bugzilla.suse.com/1099813"
},
{
"category": "self",
"summary": "SUSE Bug 1099844",
"url": "https://bugzilla.suse.com/1099844"
},
{
"category": "self",
"summary": "SUSE Bug 1099845",
"url": "https://bugzilla.suse.com/1099845"
},
{
"category": "self",
"summary": "SUSE Bug 1099846",
"url": "https://bugzilla.suse.com/1099846"
},
{
"category": "self",
"summary": "SUSE Bug 1099849",
"url": "https://bugzilla.suse.com/1099849"
},
{
"category": "self",
"summary": "SUSE Bug 1099863",
"url": "https://bugzilla.suse.com/1099863"
},
{
"category": "self",
"summary": "SUSE Bug 1099864",
"url": "https://bugzilla.suse.com/1099864"
},
{
"category": "self",
"summary": "SUSE Bug 1099922",
"url": "https://bugzilla.suse.com/1099922"
},
{
"category": "self",
"summary": "SUSE Bug 1100001",
"url": "https://bugzilla.suse.com/1100001"
},
{
"category": "self",
"summary": "SUSE Bug 1100089",
"url": "https://bugzilla.suse.com/1100089"
},
{
"category": "self",
"summary": "SUSE Bug 1102870",
"url": "https://bugzilla.suse.com/1102870"
},
{
"category": "self",
"summary": "SUSE Bug 1103445",
"url": "https://bugzilla.suse.com/1103445"
},
{
"category": "self",
"summary": "SUSE Bug 1104319",
"url": "https://bugzilla.suse.com/1104319"
},
{
"category": "self",
"summary": "SUSE Bug 1104495",
"url": "https://bugzilla.suse.com/1104495"
},
{
"category": "self",
"summary": "SUSE Bug 1104906",
"url": "https://bugzilla.suse.com/1104906"
},
{
"category": "self",
"summary": "SUSE Bug 1105322",
"url": "https://bugzilla.suse.com/1105322"
},
{
"category": "self",
"summary": "SUSE Bug 1105412",
"url": "https://bugzilla.suse.com/1105412"
},
{
"category": "self",
"summary": "SUSE Bug 1106095",
"url": "https://bugzilla.suse.com/1106095"
},
{
"category": "self",
"summary": "SUSE Bug 1106369",
"url": "https://bugzilla.suse.com/1106369"
},
{
"category": "self",
"summary": "SUSE Bug 1106509",
"url": "https://bugzilla.suse.com/1106509"
},
{
"category": "self",
"summary": "SUSE Bug 1106511",
"url": "https://bugzilla.suse.com/1106511"
},
{
"category": "self",
"summary": "SUSE Bug 1107689",
"url": "https://bugzilla.suse.com/1107689"
},
{
"category": "self",
"summary": "SUSE Bug 1108399",
"url": "https://bugzilla.suse.com/1108399"
},
{
"category": "self",
"summary": "SUSE Bug 1108912",
"url": "https://bugzilla.suse.com/1108912"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10853 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10853/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10876 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10876/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10877 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10877/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10878 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10879 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10879/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10880 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10880/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10881 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10881/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10882 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10882/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10883 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10883/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10902 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10902/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10940 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-12896 page",
"url": "https://www.suse.com/security/cve/CVE-2018-12896/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-13093 page",
"url": "https://www.suse.com/security/cve/CVE-2018-13093/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14617 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14617/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-14634 page",
"url": "https://www.suse.com/security/cve/CVE-2018-14634/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16276 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16276/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-16658 page",
"url": "https://www.suse.com/security/cve/CVE-2018-16658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-17182 page",
"url": "https://www.suse.com/security/cve/CVE-2018-17182/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6554 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6554/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-6555 page",
"url": "https://www.suse.com/security/cve/CVE-2018-6555/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2018-10-09T11:15:29Z",
"generator": {
"date": "2018-10-09T11:15:29Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:3083-1",
"initial_release_date": "2018-10-09T11:15:29Z",
"revision_history": [
{
"date": "2018-10-09T11:15:29Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-3.12.61-52.146.1.noarch",
"product": {
"name": "kernel-devel-3.12.61-52.146.1.noarch",
"product_id": "kernel-devel-3.12.61-52.146.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-3.12.61-52.146.1.noarch",
"product": {
"name": "kernel-macros-3.12.61-52.146.1.noarch",
"product_id": "kernel-macros-3.12.61-52.146.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-3.12.61-52.146.1.noarch",
"product": {
"name": "kernel-source-3.12.61-52.146.1.noarch",
"product_id": "kernel-source-3.12.61-52.146.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.12.61-52.146.1.ppc64le",
"product": {
"name": "kernel-default-3.12.61-52.146.1.ppc64le",
"product_id": "kernel-default-3.12.61-52.146.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.61-52.146.1.ppc64le",
"product": {
"name": "kernel-default-base-3.12.61-52.146.1.ppc64le",
"product_id": "kernel-default-base-3.12.61-52.146.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.61-52.146.1.ppc64le",
"product": {
"name": "kernel-default-devel-3.12.61-52.146.1.ppc64le",
"product_id": "kernel-default-devel-3.12.61-52.146.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.61-52.146.1.ppc64le",
"product": {
"name": "kernel-syms-3.12.61-52.146.1.ppc64le",
"product_id": "kernel-syms-3.12.61-52.146.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.12.61-52.146.1.s390x",
"product": {
"name": "kernel-default-3.12.61-52.146.1.s390x",
"product_id": "kernel-default-3.12.61-52.146.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.61-52.146.1.s390x",
"product": {
"name": "kernel-default-base-3.12.61-52.146.1.s390x",
"product_id": "kernel-default-base-3.12.61-52.146.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.61-52.146.1.s390x",
"product": {
"name": "kernel-default-devel-3.12.61-52.146.1.s390x",
"product_id": "kernel-default-devel-3.12.61-52.146.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-3.12.61-52.146.1.s390x",
"product": {
"name": "kernel-default-man-3.12.61-52.146.1.s390x",
"product_id": "kernel-default-man-3.12.61-52.146.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.61-52.146.1.s390x",
"product": {
"name": "kernel-syms-3.12.61-52.146.1.s390x",
"product_id": "kernel-syms-3.12.61-52.146.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-ec2-3.12.61-52.146.1.x86_64",
"product": {
"name": "kernel-ec2-3.12.61-52.146.1.x86_64",
"product_id": "kernel-ec2-3.12.61-52.146.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"product": {
"name": "kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"product_id": "kernel-ec2-devel-3.12.61-52.146.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"product": {
"name": "kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"product_id": "kernel-ec2-extra-3.12.61-52.146.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-3.12.61-52.146.1.x86_64",
"product": {
"name": "kernel-default-3.12.61-52.146.1.x86_64",
"product_id": "kernel-default-3.12.61-52.146.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.61-52.146.1.x86_64",
"product": {
"name": "kernel-default-base-3.12.61-52.146.1.x86_64",
"product_id": "kernel-default-base-3.12.61-52.146.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.61-52.146.1.x86_64",
"product": {
"name": "kernel-default-devel-3.12.61-52.146.1.x86_64",
"product_id": "kernel-default-devel-3.12.61-52.146.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.61-52.146.1.x86_64",
"product": {
"name": "kernel-syms-3.12.61-52.146.1.x86_64",
"product_id": "kernel-syms-3.12.61-52.146.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.12.61-52.146.1.x86_64",
"product": {
"name": "kernel-xen-3.12.61-52.146.1.x86_64",
"product_id": "kernel-xen-3.12.61-52.146.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.12.61-52.146.1.x86_64",
"product": {
"name": "kernel-xen-base-3.12.61-52.146.1.x86_64",
"product_id": "kernel-xen-base-3.12.61-52.146.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.12.61-52.146.1.x86_64",
"product": {
"name": "kernel-xen-devel-3.12.61-52.146.1.x86_64",
"product_id": "kernel-xen-devel-3.12.61-52.146.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"product_id": "kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64",
"product_id": "kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-3.12.61-52.146.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64"
},
"product_reference": "kernel-ec2-3.12.61-52.146.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-devel-3.12.61-52.146.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64"
},
"product_reference": "kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-extra-3.12.61-52.146.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64"
},
"product_reference": "kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.61-52.146.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le"
},
"product_reference": "kernel-default-3.12.61-52.146.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.61-52.146.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x"
},
"product_reference": "kernel-default-3.12.61-52.146.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.61-52.146.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64"
},
"product_reference": "kernel-default-3.12.61-52.146.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.61-52.146.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le"
},
"product_reference": "kernel-default-base-3.12.61-52.146.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.61-52.146.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x"
},
"product_reference": "kernel-default-base-3.12.61-52.146.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.61-52.146.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64"
},
"product_reference": "kernel-default-base-3.12.61-52.146.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.61-52.146.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le"
},
"product_reference": "kernel-default-devel-3.12.61-52.146.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.61-52.146.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x"
},
"product_reference": "kernel-default-devel-3.12.61-52.146.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.61-52.146.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64"
},
"product_reference": "kernel-default-devel-3.12.61-52.146.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-3.12.61-52.146.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x"
},
"product_reference": "kernel-default-man-3.12.61-52.146.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-3.12.61-52.146.1.noarch as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch"
},
"product_reference": "kernel-devel-3.12.61-52.146.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-3.12.61-52.146.1.noarch as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch"
},
"product_reference": "kernel-macros-3.12.61-52.146.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.12.61-52.146.1.noarch as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch"
},
"product_reference": "kernel-source-3.12.61-52.146.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.61-52.146.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le"
},
"product_reference": "kernel-syms-3.12.61-52.146.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.61-52.146.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x"
},
"product_reference": "kernel-syms-3.12.61-52.146.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.61-52.146.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64"
},
"product_reference": "kernel-syms-3.12.61-52.146.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.12.61-52.146.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64"
},
"product_reference": "kernel-xen-3.12.61-52.146.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.12.61-52.146.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64"
},
"product_reference": "kernel-xen-base-3.12.61-52.146.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.12.61-52.146.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.12.61-52.146.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-10853",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10853"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10853",
"url": "https://www.suse.com/security/cve/CVE-2018-10853"
},
{
"category": "external",
"summary": "SUSE Bug 1097104 for CVE-2018-10853",
"url": "https://bugzilla.suse.com/1097104"
},
{
"category": "external",
"summary": "SUSE Bug 1097108 for CVE-2018-10853",
"url": "https://bugzilla.suse.com/1097108"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-09T11:15:29Z",
"details": "important"
}
],
"title": "CVE-2018-10853"
},
{
"cve": "CVE-2018-10876",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10876"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in Linux kernel in the ext4 filesystem code. A use-after-free is possible in ext4_ext_remove_space() function when mounting and operating a crafted ext4 image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10876",
"url": "https://www.suse.com/security/cve/CVE-2018-10876"
},
{
"category": "external",
"summary": "SUSE Bug 1099811 for CVE-2018-10876",
"url": "https://bugzilla.suse.com/1099811"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-09T11:15:29Z",
"details": "moderate"
}
],
"title": "CVE-2018-10876"
},
{
"cve": "CVE-2018-10877",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10877"
}
],
"notes": [
{
"category": "general",
"text": "Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10877",
"url": "https://www.suse.com/security/cve/CVE-2018-10877"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-10877",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1099846 for CVE-2018-10877",
"url": "https://bugzilla.suse.com/1099846"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-09T11:15:29Z",
"details": "moderate"
}
],
"title": "CVE-2018-10877"
},
{
"cve": "CVE-2018-10878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10878"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10878",
"url": "https://www.suse.com/security/cve/CVE-2018-10878"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-10878",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1099813 for CVE-2018-10878",
"url": "https://bugzilla.suse.com/1099813"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-09T11:15:29Z",
"details": "moderate"
}
],
"title": "CVE-2018-10878"
},
{
"cve": "CVE-2018-10879",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10879"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10879",
"url": "https://www.suse.com/security/cve/CVE-2018-10879"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-10879",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1099844 for CVE-2018-10879",
"url": "https://bugzilla.suse.com/1099844"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-09T11:15:29Z",
"details": "moderate"
}
],
"title": "CVE-2018-10879"
},
{
"cve": "CVE-2018-10880",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10880"
}
],
"notes": [
{
"category": "general",
"text": "Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cause a system crash and a denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10880",
"url": "https://www.suse.com/security/cve/CVE-2018-10880"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-10880",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1099845 for CVE-2018-10880",
"url": "https://bugzilla.suse.com/1099845"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-09T11:15:29Z",
"details": "moderate"
}
],
"title": "CVE-2018-10880"
},
{
"cve": "CVE-2018-10881",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10881"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10881",
"url": "https://www.suse.com/security/cve/CVE-2018-10881"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-10881",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1099864 for CVE-2018-10881",
"url": "https://bugzilla.suse.com/1099864"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-09T11:15:29Z",
"details": "moderate"
}
],
"title": "CVE-2018-10881"
},
{
"cve": "CVE-2018-10882",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10882"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s ext4 filesystem. A local user can cause an out-of-bound write in in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10882",
"url": "https://www.suse.com/security/cve/CVE-2018-10882"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-10882",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1099849 for CVE-2018-10882",
"url": "https://bugzilla.suse.com/1099849"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-09T11:15:29Z",
"details": "moderate"
}
],
"title": "CVE-2018-10882"
},
{
"cve": "CVE-2018-10883",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10883"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the Linux kernel\u0027s ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10883",
"url": "https://www.suse.com/security/cve/CVE-2018-10883"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-10883",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1099863 for CVE-2018-10883",
"url": "https://bugzilla.suse.com/1099863"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-09T11:15:29Z",
"details": "moderate"
}
],
"title": "CVE-2018-10883"
},
{
"cve": "CVE-2018-10902",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10902"
}
],
"notes": [
{
"category": "general",
"text": "It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10902",
"url": "https://www.suse.com/security/cve/CVE-2018-10902"
},
{
"category": "external",
"summary": "SUSE Bug 1105322 for CVE-2018-10902",
"url": "https://bugzilla.suse.com/1105322"
},
{
"category": "external",
"summary": "SUSE Bug 1105323 for CVE-2018-10902",
"url": "https://bugzilla.suse.com/1105323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-09T11:15:29Z",
"details": "low"
}
],
"title": "CVE-2018-10902"
},
{
"cve": "CVE-2018-10940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10940"
}
],
"notes": [
{
"category": "general",
"text": "The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10940",
"url": "https://www.suse.com/security/cve/CVE-2018-10940"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-10940",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1092903 for CVE-2018-10940",
"url": "https://bugzilla.suse.com/1092903"
},
{
"category": "external",
"summary": "SUSE Bug 1107689 for CVE-2018-10940",
"url": "https://bugzilla.suse.com/1107689"
},
{
"category": "external",
"summary": "SUSE Bug 1113751 for CVE-2018-10940",
"url": "https://bugzilla.suse.com/1113751"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-09T11:15:29Z",
"details": "moderate"
}
],
"title": "CVE-2018-10940"
},
{
"cve": "CVE-2018-12896",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-12896"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-12896",
"url": "https://www.suse.com/security/cve/CVE-2018-12896"
},
{
"category": "external",
"summary": "SUSE Bug 1099922 for CVE-2018-12896",
"url": "https://bugzilla.suse.com/1099922"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-09T11:15:29Z",
"details": "low"
}
],
"title": "CVE-2018-12896"
},
{
"cve": "CVE-2018-13093",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-13093"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookup_slow() on a NULL inode-\u003ei_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free during allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-13093",
"url": "https://www.suse.com/security/cve/CVE-2018-13093"
},
{
"category": "external",
"summary": "SUSE Bug 1100001 for CVE-2018-13093",
"url": "https://bugzilla.suse.com/1100001"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-09T11:15:29Z",
"details": "moderate"
}
],
"title": "CVE-2018-13093"
},
{
"cve": "CVE-2018-14617",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14617"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14617",
"url": "https://www.suse.com/security/cve/CVE-2018-14617"
},
{
"category": "external",
"summary": "SUSE Bug 1102870 for CVE-2018-14617",
"url": "https://bugzilla.suse.com/1102870"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-09T11:15:29Z",
"details": "moderate"
}
],
"title": "CVE-2018-14617"
},
{
"cve": "CVE-2018-14634",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-14634"
}
],
"notes": [
{
"category": "general",
"text": "An integer overflow flaw was found in the Linux kernel\u0027s create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-14634",
"url": "https://www.suse.com/security/cve/CVE-2018-14634"
},
{
"category": "external",
"summary": "SUSE Bug 1108912 for CVE-2018-14634",
"url": "https://bugzilla.suse.com/1108912"
},
{
"category": "external",
"summary": "SUSE Bug 1108963 for CVE-2018-14634",
"url": "https://bugzilla.suse.com/1108963"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2018-14634",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 1120323 for CVE-2018-14634",
"url": "https://bugzilla.suse.com/1120323"
},
{
"category": "external",
"summary": "SUSE Bug 1122265 for CVE-2018-14634",
"url": "https://bugzilla.suse.com/1122265"
},
{
"category": "external",
"summary": "SUSE Bug 1188063 for CVE-2018-14634",
"url": "https://bugzilla.suse.com/1188063"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-09T11:15:29Z",
"details": "important"
}
],
"title": "CVE-2018-14634"
},
{
"cve": "CVE-2018-16276",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16276"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16276",
"url": "https://www.suse.com/security/cve/CVE-2018-16276"
},
{
"category": "external",
"summary": "SUSE Bug 1106095 for CVE-2018-16276",
"url": "https://bugzilla.suse.com/1106095"
},
{
"category": "external",
"summary": "SUSE Bug 1115593 for CVE-2018-16276",
"url": "https://bugzilla.suse.com/1115593"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-09T11:15:29Z",
"details": "important"
}
],
"title": "CVE-2018-16276"
},
{
"cve": "CVE-2018-16658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-16658"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-16658",
"url": "https://www.suse.com/security/cve/CVE-2018-16658"
},
{
"category": "external",
"summary": "SUSE Bug 1092903 for CVE-2018-16658",
"url": "https://bugzilla.suse.com/1092903"
},
{
"category": "external",
"summary": "SUSE Bug 1107689 for CVE-2018-16658",
"url": "https://bugzilla.suse.com/1107689"
},
{
"category": "external",
"summary": "SUSE Bug 1113751 for CVE-2018-16658",
"url": "https://bugzilla.suse.com/1113751"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-09T11:15:29Z",
"details": "low"
}
],
"title": "CVE-2018-16658"
},
{
"cve": "CVE-2018-17182",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-17182"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-17182",
"url": "https://www.suse.com/security/cve/CVE-2018-17182"
},
{
"category": "external",
"summary": "SUSE Bug 1108399 for CVE-2018-17182",
"url": "https://bugzilla.suse.com/1108399"
},
{
"category": "external",
"summary": "SUSE Bug 1110233 for CVE-2018-17182",
"url": "https://bugzilla.suse.com/1110233"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-09T11:15:29Z",
"details": "moderate"
}
],
"title": "CVE-2018-17182"
},
{
"cve": "CVE-2018-6554",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6554"
}
],
"notes": [
{
"category": "general",
"text": "Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6554",
"url": "https://www.suse.com/security/cve/CVE-2018-6554"
},
{
"category": "external",
"summary": "SUSE Bug 1106509 for CVE-2018-6554",
"url": "https://bugzilla.suse.com/1106509"
},
{
"category": "external",
"summary": "SUSE Bug 1106511 for CVE-2018-6554",
"url": "https://bugzilla.suse.com/1106511"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-09T11:15:29Z",
"details": "low"
}
],
"title": "CVE-2018-6554"
},
{
"cve": "CVE-2018-6555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-6555"
}
],
"notes": [
{
"category": "general",
"text": "The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-6555",
"url": "https://www.suse.com/security/cve/CVE-2018-6555"
},
{
"category": "external",
"summary": "SUSE Bug 1106509 for CVE-2018-6555",
"url": "https://bugzilla.suse.com/1106509"
},
{
"category": "external",
"summary": "SUSE Bug 1106511 for CVE-2018-6555",
"url": "https://bugzilla.suse.com/1106511"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2018-6555",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.146.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.146.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-default-1-1.5.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_146-xen-1-1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-10-09T11:15:29Z",
"details": "moderate"
}
],
"title": "CVE-2018-6555"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…