Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2018-20669 (GCVE-0-2018-20669)
Vulnerability from cvelistv5 – Published: 2019-03-18 16:33 – Updated: 2024-08-05 12:05
VLAI
EPSS
Summary
An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/106748 | vdb-entryx_refsource_BID |
| http://git.kernel.org/cgit/linux/kernel/git/torva… | x_refsource_MISC |
| http://lists.opensuse.org/opensuse-security-annou… | mailing-listx_refsource_MLIST |
| http://www.openwall.com/lists/oss-security/2019/01/23/6 | mailing-listx_refsource_MLIST |
| https://access.redhat.com/security/cve/cve-2018-20669 | x_refsource_MISC |
| https://security.netapp.com/advisory/ntap-2019040… | x_refsource_CONFIRM |
| https://support.f5.com/csp/article/K32059550 | x_refsource_CONFIRM |
| https://usn.ubuntu.com/4485-1/ | vendor-advisoryx_refsource_UBUNTU |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T12:05:17.668Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "106748",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/106748"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/gpu/drm/i915/i915_gem_execbuffer.c"
},
{
"name": "[opensuse-security-announce] 20190218 [security-announce] openSUSE-SU-2019:0203-1: important: Security update for the Linux Kernel",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html"
},
{
"name": "[oss-security] 20190123 Linux Kernel: Missing access_ok() checks in IOCTL function (gpu/drm/i915 Driver)",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2019/01/23/6"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/cve-2018-20669"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190404-0002/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.f5.com/csp/article/K32059550"
},
{
"name": "USN-4485-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4485-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-09-15T17:06:17.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "106748",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/106748"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/gpu/drm/i915/i915_gem_execbuffer.c"
},
{
"name": "[opensuse-security-announce] 20190218 [security-announce] openSUSE-SU-2019:0203-1: important: Security update for the Linux Kernel",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html"
},
{
"name": "[oss-security] 20190123 Linux Kernel: Missing access_ok() checks in IOCTL function (gpu/drm/i915 Driver)",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2019/01/23/6"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://access.redhat.com/security/cve/cve-2018-20669"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190404-0002/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.f5.com/csp/article/K32059550"
},
{
"name": "USN-4485-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4485-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20669",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106748",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106748"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/gpu/drm/i915/i915_gem_execbuffer.c",
"refsource": "MISC",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/gpu/drm/i915/i915_gem_execbuffer.c"
},
{
"name": "[opensuse-security-announce] 20190218 [security-announce] openSUSE-SU-2019:0203-1: important: Security update for the Linux Kernel",
"refsource": "MLIST",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html"
},
{
"name": "[oss-security] 20190123 Linux Kernel: Missing access_ok() checks in IOCTL function (gpu/drm/i915 Driver)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/01/23/6"
},
{
"name": "https://access.redhat.com/security/cve/cve-2018-20669",
"refsource": "MISC",
"url": "https://access.redhat.com/security/cve/cve-2018-20669"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190404-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190404-0002/"
},
{
"name": "https://support.f5.com/csp/article/K32059550",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K32059550"
},
{
"name": "USN-4485-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4485-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-20669",
"datePublished": "2019-03-18T16:33:59.000Z",
"dateReserved": "2019-01-03T00:00:00.000Z",
"dateUpdated": "2024-08-05T12:05:17.668Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2018-20669",
"date": "2026-05-27",
"epss": "0.00079",
"percentile": "0.23341"
},
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.13\", \"versionEndExcluding\": \"4.14.185\", \"matchCriteriaId\": \"57D0DECB-805F-4F3F-A25D-9907A2F12045\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.15\", \"versionEndExcluding\": \"4.19.129\", \"matchCriteriaId\": \"96593438-C71A-47FD-B19B-F54C6E65BDA5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.20\", \"versionEndExcluding\": \"5.0\", \"matchCriteriaId\": \"0072BD0C-5157-4913-B66D-FC29CF184664\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*\", \"matchCriteriaId\": \"815D70A8-47D3-459C-A32C-9FEACA0659D1\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*\", \"matchCriteriaId\": \"7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\", \"matchCriteriaId\": \"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A3C19813-E823-456A-B1CE-EC0684CE1953\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:snapprotect:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F74F467A-0C81-40D9-BA06-40FB8EF02C04\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:netapp:cn1610_firmware:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EB30733E-68FC-49C4-86C0-7FEE75C366BF\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:netapp:cn1610:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6361DAC6-600F-4B15-8797-D67F298F46FB\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation.\"}, {\"lang\": \"es\", \"value\": \"Se ha descubierto un problema por el cual una direcci\\u00f3n proporcionada con access_ok() no se comprueba en i915_gem_execbuffer2_ioctl en drivers/gpu/drm/i915/i915_gem_execbuffer.c en el kernel de Linux hasta la versi\\u00f3n 4.19.13. Un atacante local puede manipular una llamada de funci\\u00f3n IOCTL para sobrescribir memoria arbitraria del kernel, lo que resulta en una denegaci\\u00f3n de servicio (DoS) o el escalado de privilegios.\"}]",
"id": "CVE-2018-20669",
"lastModified": "2024-11-21T04:01:57.657",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 7.2, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 3.9, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2019-03-21T16:00:37.327",
"references": "[{\"url\": \"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/gpu/drm/i915/i915_gem_execbuffer.c\", \"source\": \"cve@mitre.org\", \"tags\": [\"Release Notes\", \"Vendor Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/01/23/6\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/106748\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/security/cve/cve-2018-20669\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20190404-0002/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://support.f5.com/csp/article/K32059550\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4485-1/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/gpu/drm/i915/i915_gem_execbuffer.c\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Release Notes\", \"Vendor Advisory\"]}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2019/01/23/6\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/106748\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/security/cve/cve-2018-20669\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20190404-0002/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://support.f5.com/csp/article/K32059550\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/4485-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-20\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2018-20669\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2019-03-21T16:00:37.327\",\"lastModified\":\"2024-11-21T04:01:57.657\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation.\"},{\"lang\":\"es\",\"value\":\"Se ha descubierto un problema por el cual una direcci\u00f3n proporcionada con access_ok() no se comprueba en i915_gem_execbuffer2_ioctl en drivers/gpu/drm/i915/i915_gem_execbuffer.c en el kernel de Linux hasta la versi\u00f3n 4.19.13. Un atacante local puede manipular una llamada de funci\u00f3n IOCTL para sobrescribir memoria arbitraria del kernel, lo que resulta en una denegaci\u00f3n de servicio (DoS) o el escalado de privilegios.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":7.2,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.13\",\"versionEndExcluding\":\"4.14.185\",\"matchCriteriaId\":\"57D0DECB-805F-4F3F-A25D-9907A2F12045\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.15\",\"versionEndExcluding\":\"4.19.129\",\"matchCriteriaId\":\"96593438-C71A-47FD-B19B-F54C6E65BDA5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.20\",\"versionEndExcluding\":\"5.0\",\"matchCriteriaId\":\"0072BD0C-5157-4913-B66D-FC29CF184664\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"815D70A8-47D3-459C-A32C-9FEACA0659D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3C19813-E823-456A-B1CE-EC0684CE1953\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:snapprotect:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F74F467A-0C81-40D9-BA06-40FB8EF02C04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:netapp:cn1610_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EB30733E-68FC-49C4-86C0-7FEE75C366BF\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:netapp:cn1610:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6361DAC6-600F-4B15-8797-D67F298F46FB\"}]}]}],\"references\":[{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/gpu/drm/i915/i915_gem_execbuffer.c\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/01/23/6\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/106748\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/security/cve/cve-2018-20669\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190404-0002/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K32059550\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4485-1/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/gpu/drm/i915/i915_gem_execbuffer.c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2019/01/23/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/106748\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/security/cve/cve-2018-20669\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190404-0002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.f5.com/csp/article/K32059550\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4485-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
CERTFR-2020-AVI-820
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise Module for Basesystem 15-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Realtime 15-SP2 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time Extension 12-SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Legacy Software 15-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 15-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Development Tools 15-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 15-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP2 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Module for Basesystem 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Realtime 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time Extension 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Legacy Software 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Development Tools 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-28974",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28974"
},
{
"name": "CVE-2020-28915",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28915"
},
{
"name": "CVE-2020-27777",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27777"
},
{
"name": "CVE-2020-4788",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-4788"
},
{
"name": "CVE-2020-27786",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27786"
},
{
"name": "CVE-2020-25704",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25704"
},
{
"name": "CVE-2018-20669",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20669"
},
{
"name": "CVE-2020-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29371"
},
{
"name": "CVE-2020-25705",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25705"
},
{
"name": "CVE-2020-28941",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28941"
},
{
"name": "CVE-2020-15437",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15437"
},
{
"name": "CVE-2019-20934",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20934"
},
{
"name": "CVE-2020-25669",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25669"
},
{
"name": "CVE-2020-25668",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25668"
},
{
"name": "CVE-2020-15436",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15436"
},
{
"name": "CVE-2020-29369",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29369"
}
],
"links": [],
"reference": "CERTFR-2020-AVI-820",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-12-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de service et\nune atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de SUSE suse-su-20203748-1 du 10 d\u00e9cembre 2020",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20203748-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de SUSE suse-su-20203764-1 du 11 d\u00e9cembre 2020",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20203764-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 le noyau Linux de SUSE suse-su-20203766-1 du 11 d\u00e9cembre 2020",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20203766-1/"
}
]
}
CERTFR-2020-AVI-837
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Module for Realtime 15-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-28974",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28974"
},
{
"name": "CVE-2020-28915",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28915"
},
{
"name": "CVE-2020-27777",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27777"
},
{
"name": "CVE-2020-4788",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-4788"
},
{
"name": "CVE-2020-27786",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27786"
},
{
"name": "CVE-2018-20669",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20669"
},
{
"name": "CVE-2020-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29371"
},
{
"name": "CVE-2020-15437",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15437"
},
{
"name": "CVE-2019-20934",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20934"
},
{
"name": "CVE-2020-25669",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25669"
},
{
"name": "CVE-2020-15436",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15436"
}
],
"links": [],
"reference": "CERTFR-2020-AVI-837",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2020-12-21T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de service et\nune atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20203798-1 du 14 d\u00e9cembre 2020",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20203798-1/"
}
]
}
CERTFR-2021-AVI-021
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise Module for Realtime 15-SP1 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time Extension 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Public Cloud 15-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Public Cloud 15-SP1 |
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Module for Realtime 15-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time Extension 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Public Cloud 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Public Cloud 15-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-27777",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27777"
},
{
"name": "CVE-2020-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0466"
},
{
"name": "CVE-2020-29660",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29660"
},
{
"name": "CVE-2020-4788",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-4788"
},
{
"name": "CVE-2020-29661",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29661"
},
{
"name": "CVE-2020-27786",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27786"
},
{
"name": "CVE-2020-27830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27830"
},
{
"name": "CVE-2020-29370",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29370"
},
{
"name": "CVE-2018-20669",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20669"
},
{
"name": "CVE-2020-29371",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29371"
},
{
"name": "CVE-2020-27068",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27068"
},
{
"name": "CVE-2020-36158",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36158"
},
{
"name": "CVE-2020-29373",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29373"
},
{
"name": "CVE-2019-20934",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20934"
},
{
"name": "CVE-2020-15436",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15436"
},
{
"name": "CVE-2020-0444",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0444"
},
{
"name": "CVE-2020-11668",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11668"
},
{
"name": "CVE-2020-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0465"
},
{
"name": "CVE-2020-27825",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27825"
}
],
"links": [],
"reference": "CERTFR-2021-AVI-021",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-01-13T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un d\u00e9ni de service.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20210098-1 du 12 janvier 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20210098-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20210096-1 du 12 janvier 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20210096-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20210097-1 du 12 janvier 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20210097-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20210094-1 du 12 janvier 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20210094-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20210095-1 du 12 janvier 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20210095-1/"
}
]
}
CERTFR-2021-AVI-035
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | N/A | SUSE Linux Enterprise Module for Basesystem 15-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 12-SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Realtime 15-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Legacy Software 15-SP1 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Development Tools 15-SP1 | ||
| SUSE | N/A | SUSE Linux Enterprise Software Development Kit 12-SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP5 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP1 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 15-SP1 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Legacy Software 15-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 15-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Development Tools 15-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 15-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Basesystem 15-SP1 | ||
| SUSE | N/A | SUSE Linux Enterprise High Availability 15-SP1 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Live Patching 15-SP2 | ||
| SUSE | N/A | SUSE Linux Enterprise Workstation Extension 12-SP5 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Module for Basesystem 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Realtime 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Legacy Software 15-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Development Tools 15-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Software Development Kit 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 15-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Legacy Software 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Development Tools 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Basesystem 15-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability 15-SP1",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Live Patching 15-SP2",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 12-SP5",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2020-27777",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27777"
},
{
"name": "CVE-2020-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0466"
},
{
"name": "CVE-2020-29660",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29660"
},
{
"name": "CVE-2020-4788",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-4788"
},
{
"name": "CVE-2020-29661",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29661"
},
{
"name": "CVE-2020-27786",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27786"
},
{
"name": "CVE-2020-27830",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27830"
},
{
"name": "CVE-2020-29370",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29370"
},
{
"name": "CVE-2018-20669",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20669"
},
{
"name": "CVE-2020-27068",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27068"
},
{
"name": "CVE-2020-36158",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36158"
},
{
"name": "CVE-2020-29373",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29373"
},
{
"name": "CVE-2019-20934",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-20934"
},
{
"name": "CVE-2020-28374",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28374"
},
{
"name": "CVE-2020-0444",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0444"
},
{
"name": "CVE-2020-11668",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11668"
},
{
"name": "CVE-2020-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-0465"
},
{
"name": "CVE-2020-27825",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27825"
}
],
"links": [],
"reference": "CERTFR-2021-AVI-035",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2021-01-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un\nprobl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code\narbitraire \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20210133-1 du 15 janvier 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20210133-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20210118-1 du 14 janvier 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20210118-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20210117-1 du 14 janvier 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20210117-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20210108-1 du 13 janvier 2021",
"url": "https://www.suse.com/support/update/announcement/2021/suse-su-20210108-1/"
}
]
}
CNVD-2019-38530
Vulnerability from cnvd - Published: 2019-10-31
VLAI
Title
Linux kernel本地特权升级漏洞
Description
Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。
Linux kernel中存在安全漏洞,该漏洞源于程序缺少‘access_ok()’检查。攻击者可利用该漏洞绕过限制,提升权限。
Severity
高
Patch Name
Linux kernel本地特权升级漏洞的补丁
Patch Description
Linux kernel是美国Linux基金会发布的开源操作系统Linux所使用的内核。
Linux kernel中存在安全漏洞,该漏洞源于程序缺少‘access_ok()’检查。攻击者可利用该漏洞绕过限制,提升权限。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=594cc251fdd0d231d342d88b2fdff4bc42fb0690
Reference
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=594cc251fdd0d231d342d88b2fdff4bc42fb0690
Impacted products
| Name | Linux Linux kernel <=4.19.13 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2018-20669",
"cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20669"
}
},
"description": "Linux kernel\u662f\u7f8e\u56fdLinux\u57fa\u91d1\u4f1a\u53d1\u5e03\u7684\u5f00\u6e90\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\n\nLinux kernel\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u7f3a\u5c11\u2018access_ok()\u2019\u68c0\u67e5\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u9650\u5236\uff0c\u63d0\u5347\u6743\u9650\u3002",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5:\r\nhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=594cc251fdd0d231d342d88b2fdff4bc42fb0690",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2019-38530",
"openTime": "2019-10-31",
"patchDescription": "Linux kernel\u662f\u7f8e\u56fdLinux\u57fa\u91d1\u4f1a\u53d1\u5e03\u7684\u5f00\u6e90\u64cd\u4f5c\u7cfb\u7edfLinux\u6240\u4f7f\u7528\u7684\u5185\u6838\u3002\r\n\r\nLinux kernel\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7a0b\u5e8f\u7f3a\u5c11\u2018access_ok()\u2019\u68c0\u67e5\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u7ed5\u8fc7\u9650\u5236\uff0c\u63d0\u5347\u6743\u9650\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Linux kernel\u672c\u5730\u7279\u6743\u5347\u7ea7\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Linux Linux kernel \u003c=4.19.13"
},
"referenceLink": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=594cc251fdd0d231d342d88b2fdff4bc42fb0690",
"serverity": "\u9ad8",
"submitTime": "2019-01-28",
"title": "Linux kernel\u672c\u5730\u7279\u6743\u5347\u7ea7\u6f0f\u6d1e"
}
FKIE_CVE-2018-20669
Vulnerability from fkie_nvd - Published: 2019-03-21 16:00 - Updated: 2024-11-21 04:01
Severity
Summary
An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| canonical | ubuntu_linux | 14.04 | |
| canonical | ubuntu_linux | 16.04 | |
| canonical | ubuntu_linux | 18.04 | |
| netapp | hci_management_node | - | |
| netapp | snapprotect | - | |
| netapp | solidfire | - | |
| netapp | cn1610_firmware | - | |
| netapp | cn1610 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "57D0DECB-805F-4F3F-A25D-9907A2F12045",
"versionEndExcluding": "4.14.185",
"versionStartIncluding": "4.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "96593438-C71A-47FD-B19B-F54C6E65BDA5",
"versionEndExcluding": "4.19.129",
"versionStartIncluding": "4.15",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0072BD0C-5157-4913-B66D-FC29CF184664",
"versionEndExcluding": "5.0",
"versionStartIncluding": "4.20",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A3C19813-E823-456A-B1CE-EC0684CE1953",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:snapprotect:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F74F467A-0C81-40D9-BA06-40FB8EF02C04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:netapp:cn1610_firmware:-:*:*:*:*:*:*:*",
"matchCriteriaId": "EB30733E-68FC-49C4-86C0-7FEE75C366BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:netapp:cn1610:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6361DAC6-600F-4B15-8797-D67F298F46FB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation."
},
{
"lang": "es",
"value": "Se ha descubierto un problema por el cual una direcci\u00f3n proporcionada con access_ok() no se comprueba en i915_gem_execbuffer2_ioctl en drivers/gpu/drm/i915/i915_gem_execbuffer.c en el kernel de Linux hasta la versi\u00f3n 4.19.13. Un atacante local puede manipular una llamada de funci\u00f3n IOCTL para sobrescribir memoria arbitraria del kernel, lo que resulta en una denegaci\u00f3n de servicio (DoS) o el escalado de privilegios."
}
],
"id": "CVE-2018-20669",
"lastModified": "2024-11-21T04:01:57.657",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-03-21T16:00:37.327",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/gpu/drm/i915/i915_gem_execbuffer.c"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/01/23/6"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106748"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2018-20669"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190404-0002/"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/csp/article/K32059550"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4485-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/gpu/drm/i915/i915_gem_execbuffer.c"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/01/23/6"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106748"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2018-20669"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190404-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/csp/article/K32059550"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4485-1/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-3JGV-8WX7-RW7P
Vulnerability from github – Published: 2022-05-13 01:16 – Updated: 2023-01-20 18:30
VLAI
Details
An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation.
Severity
7.8 (High)
{
"affected": [],
"aliases": [
"CVE-2018-20669"
],
"database_specific": {
"cwe_ids": [
"CWE-20"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-03-21T16:00:00Z",
"severity": "HIGH"
},
"details": "An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation.",
"id": "GHSA-3jgv-8wx7-rw7p",
"modified": "2023-01-20T18:30:23Z",
"published": "2022-05-13T01:16:17Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20669"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/cve-2018-20669"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20190404-0002"
},
{
"type": "WEB",
"url": "https://support.f5.com/csp/article/K32059550"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/4485-1"
},
{
"type": "WEB",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/gpu/drm/i915/i915_gem_execbuffer.c"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2019/01/23/6"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/106748"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
GSD-2018-20669
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-20669",
"description": "An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation.",
"id": "GSD-2018-20669",
"references": [
"https://www.suse.com/security/cve/CVE-2018-20669.html",
"https://ubuntu.com/security/CVE-2018-20669",
"https://alas.aws.amazon.com/cve/html/CVE-2018-20669.html",
"https://linux.oracle.com/cve/CVE-2018-20669.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-20669"
],
"details": "An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation.",
"id": "GSD-2018-20669",
"modified": "2023-12-13T01:22:29.491218Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20669",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "106748",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/106748"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/gpu/drm/i915/i915_gem_execbuffer.c",
"refsource": "MISC",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/gpu/drm/i915/i915_gem_execbuffer.c"
},
{
"name": "[opensuse-security-announce] 20190218 [security-announce] openSUSE-SU-2019:0203-1: important: Security update for the Linux Kernel",
"refsource": "MLIST",
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html"
},
{
"name": "[oss-security] 20190123 Linux Kernel: Missing access_ok() checks in IOCTL function (gpu/drm/i915 Driver)",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2019/01/23/6"
},
{
"name": "https://access.redhat.com/security/cve/cve-2018-20669",
"refsource": "MISC",
"url": "https://access.redhat.com/security/cve/cve-2018-20669"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190404-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190404-0002/"
},
{
"name": "https://support.f5.com/csp/article/K32059550",
"refsource": "CONFIRM",
"url": "https://support.f5.com/csp/article/K32059550"
},
{
"name": "USN-4485-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4485-1/"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.14.185",
"versionStartIncluding": "4.13",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "4.19.129",
"versionStartIncluding": "4.15",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "5.0",
"versionStartIncluding": "4.20",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:snapprotect:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:netapp:cn1610_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:netapp:cn1610:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-20669"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://access.redhat.com/security/cve/cve-2018-20669",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/security/cve/cve-2018-20669"
},
{
"name": "106748",
"refsource": "BID",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/106748"
},
{
"name": "[oss-security] 20190123 Linux Kernel: Missing access_ok() checks in IOCTL function (gpu/drm/i915 Driver)",
"refsource": "MLIST",
"tags": [
"Exploit",
"Mailing List",
"Patch",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2019/01/23/6"
},
{
"name": "[opensuse-security-announce] 20190218 [security-announce] openSUSE-SU-2019:0203-1: important: Security update for the Linux Kernel",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/gpu/drm/i915/i915_gem_execbuffer.c",
"refsource": "MISC",
"tags": [
"Vendor Advisory",
"Release Notes"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/gpu/drm/i915/i915_gem_execbuffer.c"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190404-0002/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190404-0002/"
},
{
"name": "https://support.f5.com/csp/article/K32059550",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://support.f5.com/csp/article/K32059550"
},
{
"name": "USN-4485-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4485-1/"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2023-04-11T18:16Z",
"publishedDate": "2019-03-21T16:00Z"
}
}
}
OPENSUSE-SU-2019:0203-1
Vulnerability from csaf_opensuse - Published: 2019-03-23 11:04 - Updated: 2019-03-23 11:04Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2019-3459,CVE-2019-3460: Two information leaks in the bluetooth stack were fixed. (bnc#1120758).
- CVE-2019-7221: A use-after-free in the KVM nVMX hrtimer was fixed. (bnc#1124732).
- CVE-2019-7222: A information leak in exception handling in KVM could be used to expose host memory to guests. (bnc#1124735).
- CVE-2019-6974: A use-after-free in the KVM device control API was fixed. (bnc#1124728).
- CVE-2018-20669: Missing access control checks in ioctl of gpu/drm/i915 driver were fixed which might have lead to information leaks. (bnc#1122971).
The following non-security bugs were fixed:
- 6lowpan: iphc: reset mac_header after decompress to fix panic (bsc#1051510).
- 9p: clear dangling pointers in p9stat_free (bsc#1051510).
- 9p locks: fix glock.client_id leak in do_lock (bsc#1051510).
- 9p/net: put a lower bound on msize (bsc#1051510).
- acpi/nfit: Block function zero DSMs (bsc#1051510).
- acpi, nfit: Fix Address Range Scrub completion tracking (bsc#1124969).
- acpi/nfit: Fix command-supported detection (bsc#1051510).
- acpi/nfit: Fix race accessing memdev in nfit_get_smbios_id() (bsc#1122662).
- acpi/nfit: Fix user-initiated ARS to be 'ARS-long' rather than 'ARS-short' (bsc#1124969).
- ACPI: power: Skip duplicate power resource references in _PRx (bsc#1051510).
- Add delay-init quirk for Corsair K70 RGB keyboards (bsc#1087092).
- af_iucv: Move sockaddr length checks to before accessing sa_family in bind and connect handlers (bsc#1051510).
- alsa: bebob: fix model-id of unit for Apogee Ensemble (bsc#1051510).
- alsa: compress: Fix stop handling on compressed capture streams (bsc#1051510).
- alsa: hda - Add mute LED support for HP ProBook 470 G5 (bsc#1051510).
- alsa: hda/ca0132 - Fix build error without CONFIG_PCI (bsc#1051510).
- alsa: hda/realtek - Fixed hp_pin no value (bsc#1051510).
- alsa: hda/realtek - Fix lose hp_pins for disable auto mute (bsc#1051510).
- alsa: hda/realtek - Use a common helper for hp pin reference (bsc#1051510).
- alsa: hda - Serialize codec registrations (bsc#1122944).
- alsa: hda - Use standard device registration for beep (bsc#1122944).
- alsa: oxfw: add support for APOGEE duet FireWire (bsc#1051510).
- alsa: usb-audio: Add Opus #3 to quirks for native DSD support (bsc#1051510).
- alsa: usb-audio: Add support for new T+A USB DAC (bsc#1051510).
- amd-xgbe: Fix mdio access for non-zero ports and clause 45 PHYs (bsc#1122927).
- arm: 8802/1: Call syscall_trace_exit even when system call skipped (bsc#1051510).
- arm: 8814/1: mm: improve/fix ARM v7_dma_inv_range() unaligned address handling (bsc#1051510).
- arm: 8815/1: V7M: align v7m_dma_inv_range() with v7 counterpart (bsc#1051510).
- arm/arm64: kvm:vgic: Force VM halt when changing the active state of GICv3 PPIs/SGIs (bsc#1051510).
- arm: cns3xxx: Fix writing to wrong PCI config registers after alignment (bsc#1051510).
- arm: cns3xxx: Use actual size reads for PCIe (bsc#1051510).
- arm: imx: update the cpu power up timing setting on i.mx6sx (bsc#1051510).
- arm: kvm:Fix VTTBR_BADDR_MASK BUG_ON off-by-one (bsc#1051510).
- arm: mmp/mmp2: fix cpu_is_mmp2() on mmp2-dt (bsc#1051510).
- arm: OMAP1: ams-delta: Fix possible use of uninitialized field (bsc#1051510).
- arm: OMAP2+: prm44xx: Fix section annotation on omap44xx_prm_enable_io_wakeup (bsc#1051510).
- ASoC: dma-sh7760: cleanup a debug printk (bsc#1051510).
- ASoC: rt5514-spi: Fix potential NULL pointer dereference (bsc#1051510).
- ax25: fix a use-after-free in ax25_fillin_cb() (networking-stable-19_01_04).
- be2net: do not flip hw_features when VXLANs are added/deleted (bsc#1050252).
- blkdev: avoid migration stalls for blkdev pages (bsc#1084216).
- blk-mq: fix kernel oops in blk_mq_tag_idle() (bsc#1051510).
- block: break discard submissions into the user defined size (git-fixes).
- block: cleanup __blkdev_issue_discard() (git-fixes).
- block: do not deal with discard limit in blkdev_issue_discard() (git-fixes).
- block: fix 32 bit overflow in __blkdev_issue_discard() (git-fixes).
- block: fix infinite loop if the device loses discard capability (git-fixes).
- block: make sure discard bio is aligned with logical block size (git-fixes).
- block: make sure writesame bio is aligned with logical block size (git-fixes).
- block/swim3: Fix -EBUSY error when re-opening device after unmount (git-fixes).
- bnx2x: Assign unique DMAE channel number for FW DMAE transactions (bsc#1086323).
- bnx2x: Clear fip MAC when fcoe offload support is disabled (bsc#1086323).
- bnx2x: Fix NULL pointer dereference in bnx2x_del_all_vlans() on some hw (bsc#1086323).
- bnx2x: Remove configured vlans as part of unload sequence (bsc#1086323).
- bnx2x: Send update-svid ramrod with retry/poll flags enabled (bsc#1086323).
- bonding: update nest level on unlink (git-fixes).
- bsg: allocate sense buffer if requested (bsc#1106811).
- btrfs: qgroup: Fix root item corruption when multiple same source snapshots are created with quota enabled (bsc#1122324).
- can: bcm: check timer values before ktime conversion (bsc#1051510).
- can: dev: __can_get_echo_skb(): fix bogous check for non-existing skb by removing it (bsc#1051510).
- can: gw: ensure DLC boundaries after CAN frame modification (bsc#1051510).
- cdc-acm: fix abnormal DATA RX issue for Mediatek Preloader (bsc#1051510).
- char/mwave: fix potential Spectre v1 vulnerability (bsc#1051510).
- checkstack.pl: fix for aarch64 (bsc#1051510).
- cifs: add missing debug entries for kconfig options (bsc#1051510).
- cifs: add missing support for ACLs in SMB 3.11 (bsc#1051510).
- cifs: add sha512 secmech (bsc#1051510).
- cifs: Add support for reading attributes on SMB2+ (bsc#1051510).
- cifs: Add support for writing attributes on SMB2+ (bsc#1051510).
- cifs: do not log STATUS_NOT_FOUND errors for DFS (bsc#1051510).
- cifs: Do not modify mid entry after submitting I/O in cifs_call_async (bsc#1051510).
- cifs: Fix error mapping for SMB2_LOCK command which caused OFD lock problem (bsc#1051510).
- cifs: Fix memory leak in smb2_set_ea() (bsc#1051510).
- cifs: fix return value for cifs_listxattr (bsc#1051510).
- cifs: Fix separator when building path from dentry (bsc#1051510).
- cifs: fix set info (bsc#1051510).
- cifs: fix sha512 check in cifs_crypto_secmech_release (bsc#1051510).
- cifs: fix wrapping bugs in num_entries() (bsc#1051510).
- cifs: For SMB2 security informaion query, check for minimum sized security descriptor instead of sizeof FileAllInformation class (bsc#1051510).
- cifs: hide unused functions (bsc#1051510).
- cifs: hide unused functions (bsc#1051510).
- cifs: implement v3.11 preauth integrity (bsc#1051510).
- cifs: make 'nodfs' mount opt a superblock flag (bsc#1051510).
- cifs: prevent integer overflow in nxt_dir_entry() (bsc#1051510).
- cifs: prototype declaration and definition for smb 2 - 3 and cifsacl mount options (bsc#1051510).
- cifs: prototype declaration and definition to set acl for smb 2 - 3 and cifsacl mount options (bsc#1051510).
- cifs: refactor crypto shash/sdesc allocation&free (bsc#1051510).
- cifs: smb2ops: Fix listxattr() when there are no EAs (bsc#1051510).
- cifs: Use smb 2 - 3 and cifsacl mount options getacl functions (bsc#1051510).
- cifs: Use smb 2 - 3 and cifsacl mount options setacl function (bsc#1051510).
- cifs: Use ULL suffix for 64-bit constant (bsc#1051510).
- clk: imx6q: reset exclusive gates on init (bsc#1051510).
- clk: rockchip: fix typo in rk3188 spdif_frac parent (bsc#1051510).
- clk: sunxi-ng: enable so-said LDOs for A64 SoC's pll-mipi clock (bsc#1051510).
- clk: sunxi-ng: h3/h5: Fix CSI_MCLK parent (bsc#1051510).
- cpufreq: imx6q: add return value check for voltage scale (bsc#1051510).
- Cramfs: fix abad comparison when wrap-arounds occur (bsc#1051510).
- crypto: authencesn - Avoid twice completion call in decrypt path (bsc#1051510).
- crypto: authenc - fix parsing key with misaligned rta_len (bsc#1051510).
- crypto: bcm - convert to use crypto_authenc_extractkeys() (bsc#1051510).
- crypto: caam - fix zero-length buffer DMA mapping (bsc#1051510).
- crypto: user - support incremental algorithm dumps (bsc#1120902).
- dlm: fixed memory leaks after failed ls_remove_names allocation (bsc#1051510).
- dlm: lost put_lkb on error path in receive_convert() and receive_unlock() (bsc#1051510).
- dlm: memory leaks on error path in dlm_user_request() (bsc#1051510).
- dlm: possible memory leak on error path in create_lkb() (bsc#1051510).
- dmaengine: at_hdmac: fix memory leak in at_dma_xlate() (bsc#1051510).
- dmaengine: at_hdmac: fix module unloading (bsc#1051510).
- dmaengine: dma-jz4780: Return error if not probed from DT (bsc#1051510).
- dmaengine: dw: Fix FIFO size for Intel Merrifield (bsc#1051510).
- dmaengine: xilinx_dma: Remove __aligned attribute on zynqmp_dma_desc_ll (bsc#1051510).
- dm cache metadata: verify cache has blocks in blocks_are_clean_separate_dirty() (git-fixes).
- dm: call blk_queue_split() to impose device limits on bios (git-fixes).
- dm: do not allow readahead to limit IO size (git-fixes).
- dm thin: send event about thin-pool state change _after_ making it (git-fixes).
- dm zoned: Fix target BIO completion handling (git-fixes).
- Do not log expected error on DFS referral request (bsc#1051510).
- driver core: Move async_synchronize_full call (bsc#1051510).
- drivers: core: Remove glue dirs from sysfs earlier (bsc#1051510).
- drivers/misc/sgi-gru: fix Spectre v1 vulnerability (bsc#1051510).
- drivers/net/ethernet/qlogic/qed/qed_rdma.h: fix typo (bsc#1086314 bsc#1086313 bsc#1086301 ).
- drivers/sbus/char: add of_node_put() (bsc#1051510).
- drivers/tty: add missing of_node_put() (bsc#1051510).
- drm/fb-helper: Ignore the value of fb_var_screeninfo.pixclock (bsc#1113722)
- drm/fb-helper: Partially bring back workaround for bugs of SDL 1.2 (bsc#1113722)
- drm/i915/gvt: Fix mmap range check (bsc#1120902)
- drm/nouveau/tmr: detect stalled gpu timer and break out of waits (bsc#1123538).
- drm/vmwgfx: Fix setting of dma masks (bsc#1120902)
- drm/vmwgfx: Return error code from vmw_execbuf_copy_fence_user (bsc#1120902)
- e1000e: allow non-monotonic SYSTIM readings (bsc#1051510).
- exportfs: do not read dentry after free (bsc#1051510).
- ext4: Fix crash during online resizing (bsc#1122779).
- fanotify: fix handling of events on child sub-directory (bsc#1122019).
- fat: validate ->i_start before using (bsc#1051510).
- fix smb3-encryption breakage when CONFIG_DEBUG_SG=y (bsc#1051510).
- fork: do not copy inconsistent signal handler state to child (bsc#1051510).
- fork: record start_time late (git-fixes).
- fork: unconditionally clear stack on fork (git-fixes).
- fs/cifs: require sha512 (bsc#1051510).
- gpio: altera-a10sr: Set proper output level for direction_output (bsc#1051510).
- gpio: pcf857x: Fix interrupts on multiple instances (bsc#1051510).
- gpio: pl061: handle failed allocations (bsc#1051510).
- gpio: pl061: Move irq_chip definition inside struct pl061 (bsc#1051510).
- gpio: vf610: Mask all GPIO interrupts (bsc#1051510).
- gro_cell: add napi_disable in gro_cells_destroy (networking-stable-19_01_04).
- hfs: do not free node before using (bsc#1051510).
- hfsplus: do not free node before using (bsc#1051510).
- hfsplus: prevent btree data loss on root split (bsc#1051510).
- hfs: prevent btree data loss on root split (bsc#1051510).
- i2c: dev: prevent adapter retries and timeout being set as minus value (bsc#1051510).
- i40e: fix mac filter delete when setting mac address (bsc#1056658 bsc#1056662).
- i40e: report correct statistics when XDP is enabled (bsc#1056658 bsc#1056662).
- i40e: restore NETIF_F_GSO_IPXIP to netdev features (bsc#1056658 bsc#1056662).
- ibmveth: Do not process frames after calling napi_reschedule (bcs#1123357).
- ibmveth: fix DMA unmap error in ibmveth_xmit_start error path (networking-stable-19_01_04).
- ibmvnic: Add ethtool private flag for driver-defined queue limits (bsc#1121726).
- ibmvnic: Increase maximum queue size limit (bsc#1121726).
- ibmvnic: Introduce driver limits for ring sizes (bsc#1121726).
- ide: pmac: add of_node_put() (bsc#1051510).
- ieee802154: lowpan_header_create check must check daddr (networking-stable-19_01_04).
- input: elan_i2c - add ACPI ID for touchpad in ASUS Aspire F5-573G (bsc#1051510).
- input: omap-keypad - fix idle configuration to not block SoC idle states (bsc#1051510).
- input: raspberrypi-ts - fix link error (git-fixes).
- input: restore EV_ABS ABS_RESERVED (bsc#1051510).
- input: synaptics - enable RMI on ThinkPad T560 (bsc#1051510).
- input: synaptics - enable SMBus for HP EliteBook 840 G4 (bsc#1051510).
- input: xpad - add support for SteelSeries Stratus Duo (bsc#1111666).
- iommu/amd: Call free_iova_fast with pfn in map_sg (bsc#1106105).
- iommu/amd: Fix IOMMU page flush when detach device from a domain (bsc#1106105).
- iommu/amd: Unmap all mapped pages in error path of map_sg (bsc#1106105).
- iommu/vt-d: Fix memory leak in intel_iommu_put_resv_regions() (bsc#1106105).
- ip6mr: Fix potential Spectre v1 vulnerability (networking-stable-19_01_04).
- ipmi:pci: Blacklist a Realtek 'IPMI' device (git-fixes).
- ipmi:ssif: Fix handling of multi-part return messages (bsc#1051510).
- ip: on queued skb use skb_header_pointer instead of pskb_may_pull (git-fixes).
- ipv4: Fix potential Spectre v1 vulnerability (networking-stable-19_01_04).
- ipv4: ipv6: netfilter: Adjust the frag mem limit when truesize changes (networking-stable-18_12_12).
- ipv6: Check available headroom in ip6_xmit() even without options (networking-stable-18_12_12).
- ipv6: explicitly initialize udp6_addr in udp_sock_create6() (networking-stable-19_01_04).
- ipv6: sr: properly initialize flowi6 prior passing to ip6_route_output (networking-stable-18_12_12).
- ipv6: tunnels: fix two use-after-free (networking-stable-19_01_04).
- ip: validate header length on virtual device xmit (networking-stable-19_01_04).
- iscsi target: fix session creation failure handling (bsc#1051510).
- isdn: fix kernel-infoleak in capi_unlocked_ioctl (bsc#1051510).
- iwlwifi: fix non_shared_ant for 22000 devices (bsc#1119086).
- iwlwifi: fix wrong WGDS_WIFI_DATA_SIZE (bsc#1119086).
- iwlwifi: mvm: do not send GEO_TX_POWER_LIMIT to old firmwares (bsc#1119086).
- jffs2: Fix use of uninitialized delayed_work, lockdep breakage (bsc#1051510).
- kABI: fix xhci kABI stability (bsc#1119086).
- kABI: protect struct sctp_association (kabi).
- kABI workaround for deleted snd_hda_register_beep_device() (bsc#1122944).
- kABI workaround for snd_hda_bus.bus_probing addition (bsc#1122944).
- kdb: use memmove instead of overlapping memcpy (bsc#1120954).
- kernel/exit.c: release ptraced tasks before zap_pid_ns_processes (git-fixes).
- kvm: arm/arm64: Properly protect VGIC locks from IRQs (bsc#1117155).
- kvm: arm/arm64: VGIC/ITS: Promote irq_lock() in update_affinity (bsc#1117155).
- kvm: arm/arm64: VGIC/ITS: protect kvm_read_guest() calls with SRCU lock (bsc#1117155).
- kvm: arm/arm64: VGIC/ITS save/restore: protect kvm_read_guest() calls (bsc#1117155).
- kvm: PPC: Book3S PR: Set hflag to indicate that POWER9 supports 1T segments (bsc#1124589).
- kvm: sev: Fail KVM_SEV_INIT if already initialized (bsc#1114279).
- kvm: x86: fix L1TF's MMIO GFN calculation (bsc#1124204).
- lan78xx: Resolve issue with changing MAC address (bsc#1051510).
- libertas_tf: prevent underflow in process_cmdrequest() (bsc#1119086).
- lib/rbtree-test: lower default params (git-fixes).
- lockd: fix access beyond unterminated strings in prints (git-fixes).
- LSM: Check for NULL cred-security on free (bsc#1051510).
- md: fix raid10 hang issue caused by barrier (git-fixes).
- media: firewire: Fix app_info parameter type in avc_ca{,_app}_info (bsc#1051510).
- media: usb: pwc: Do not use coherent DMA buffers for ISO transfer (bsc#1054610).
- media: v4l2-tpg: array index could become negative (bsc#1051510).
- media: v4l: ioctl: Validate num_planes for debug messages (bsc#1051510).
- media: vb2: be sure to unlock mutex on errors (bsc#1051510).
- media: vb2: vb2_mmap: move lock up (bsc#1051510).
- media: vivid: fix error handling of kthread_run (bsc#1051510).
- media: vivid: free bitmap_cap when updating std/timings/etc (bsc#1051510).
- media: vivid: set min width/height to a value > 0 (bsc#1051510).
- mfd: ab8500-core: Return zero in get_register_interruptible() (bsc#1051510).
- mfd: tps6586x: Handle interrupts on suspend (bsc#1051510).
- misc: atmel-ssc: Fix section annotation on atmel_ssc_get_driver_data (bsc#1051510).
- misc: hmc6352: fix potential Spectre v1 (bsc#1051510).
- misc: mic/scif: fix copy-paste error in scif_create_remote_lookup (bsc#1051510).
- misc: mic: SCIF Fix scif_get_new_port() error handling (bsc#1051510).
- misc: sram: enable clock before registering regions (bsc#1051510).
- misc: sram: fix resource leaks in probe error path (bsc#1051510).
- misc: ti-st: Fix memory leak in the error path of probe() (bsc#1051510).
- misc: vexpress: Off by one in vexpress_syscfg_exec() (bsc#1051510).
- mmc: atmel-mci: do not assume idle after atmci_request_end (bsc#1051510).
- mmc: bcm2835: Fix DMA channel leak on probe error (bsc#1051510).
- mmc: dw_mmc-bluefield: : Fix the license information (bsc#1051510).
- mmc: sdhci-iproc: handle mmc_of_parse() errors during probe (bsc#1051510).
- mm/huge_memory: fix lockdep complaint on 32-bit i_size_read() (VM Functionality, bsc#1121599).
- mm/huge_memory: rename freeze_page() to unmap_page() (VM Functionality, bsc#1121599).
- mm/huge_memory: splitting set mapping+index before unfreeze (VM Functionality, bsc#1121599).
- mm/khugepaged: collapse_shmem() do not crash on Compound (VM Functionality, bsc#1121599).
- mm/khugepaged: collapse_shmem() remember to clear holes (VM Functionality, bsc#1121599).
- mm/khugepaged: collapse_shmem() stop if punched or truncated (VM Functionality, bsc#1121599).
- mm/khugepaged: collapse_shmem() without freezing new_page (VM Functionality, bsc#1121599).
- mm/khugepaged: fix crashes due to misaccounted holes (VM Functionality, bsc#1121599).
- mm/khugepaged: minor reorderings in collapse_shmem() (VM Functionality, bsc#1121599).
- mm: migrate: lock buffers before migrate_page_move_mapping() (bsc#1084216).
- mm: migrate: Make buffer_migrate_page_norefs() actually succeed (bsc#1084216)
- mm: migrate: provide buffer_migrate_page_norefs() (bsc#1084216).
- mm: migration: factor out code to compute expected number of page references (bsc#1084216).
- Move the upstreamed HD-audio fix into sorted section
- mpt3sas: check sense buffer before copying sense data (bsc#1106811).
- neighbour: Avoid writing before skb->head in neigh_hh_output() (networking-stable-18_12_12).
- net: 8139cp: fix a BUG triggered by changing mtu with network traffic (networking-stable-18_12_12).
- net: core: Fix Spectre v1 vulnerability (networking-stable-19_01_04).
- net/hamradio/6pack: use mod_timer() to rearm timers (networking-stable-19_01_04).
- net: hns3: add error handler for hns3_nic_init_vector_data() (bsc#1104353).
- net: hns3: add handling for big TX fragment (bsc#1104353 ).
- net: hns3: Fix client initialize state issue when roce client initialize failed (bsc#1104353).
- net: hns3: Fix for loopback selftest failed problem (bsc#1104353 ).
- net: hns3: fix for multiple unmapping DMA problem (bsc#1104353 ).
- net: hns3: Fix tc setup when netdev is first up (bsc#1104353 ).
- net: hns3: Fix tqp array traversal condition for vf (bsc#1104353 ).
- net: hns3: move DMA map into hns3_fill_desc (bsc#1104353 ).
- net: hns3: remove hns3_fill_desc_tso (bsc#1104353).
- net: hns3: rename hns_nic_dma_unmap (bsc#1104353).
- net: hns3: rename the interface for init_client_instance and uninit_client_instance (bsc#1104353).
- net: macb: restart tx after tx used bit read (networking-stable-19_01_04).
- net/mlx4_en: Change min MTU size to ETH_MIN_MTU (networking-stable-18_12_12).
- net/mlx5e: Remove the false indication of software timestamping support (networking-stable-19_01_04).
- net/mlx5: Typo fix in del_sw_hw_rule (networking-stable-19_01_04).
- net: phy: do not allow __set_phy_supported to add unsupported modes (networking-stable-18_12_12).
- net: phy: Fix the issue that netif always links up after resuming (networking-stable-19_01_04).
- netrom: fix locking in nr_find_socket() (networking-stable-19_01_04).
- net: skb_scrub_packet(): Scrub offload_fwd_mark (networking-stable-18_12_03).
- net/smc: fix TCP fallback socket release (networking-stable-19_01_04).
- net: stmmac: Fix PCI module removal leak (git-fixes).
- net: thunderx: set tso_hdrs pointer to NULL in nicvf_free_snd_queue (networking-stable-18_12_03).
- net: thunderx: set xdp_prog to NULL if bpf_prog_add fails (networking-stable-18_12_03).
- net/wan: fix a double free in x25_asy_open_tty() (networking-stable-19_01_04).
- nfsd: COPY and CLONE operations require the saved filehandle to be set (git-fixes).
- nfsd: Fix an Oops in free_session() (git-fixes).
- nfs: Fix a missed page unlock after pg_doio() (git-fixes).
- NFS: Fix up return value on fatal errors in nfs_page_async_flush() (git-fixes).
- NFSv4.1: Fix the r/wsize checking (git-fixes).
- NFSv4: Do not exit the state manager without clearing NFS4CLNT_MANAGER_RUNNING (git-fixes).
- nvme-multipath: round-robin I/O policy (bsc#1110705).
- omap2fb: Fix stack memory disclosure (bsc#1120902)
- packet: Do not leak dev refcounts on error exit (git-fixes).
- packet: validate address length if non-zero (networking-stable-19_01_04).
- packet: validate address length (networking-stable-19_01_04).
- PCI: Disable broken RTIT_BAR of Intel TH (bsc#1120318).
- phonet: af_phonet: Fix Spectre v1 vulnerability (networking-stable-19_01_04).
- platform/x86: asus-nb-wmi: Drop mapping of 0x33 and 0x34 scan codes (bsc#1051510).
- platform/x86: asus-nb-wmi: Map 0x35 to KEY_SCREENLOCK (bsc#1051510).
- platform/x86: asus-wmi: Tell the EC the OS will handle the display off hotkey (bsc#1051510).
- powerpc: Always save/restore checkpointed regs during treclaim/trecheckpoint (bsc#1118338).
- powerpc/cacheinfo: Report the correct shared_cpu_map on big-cores (bsc#1109695).
- powerpc: Detect the presence of big-cores via 'ibm, thread-groups' (bsc#1109695).
- powerpc: make use of for_each_node_by_type() instead of open-coding it (bsc#1109695).
- powerpc/powernv: Clear LPCR[PECE1] via stop-api only for deep state offline (bsc#1119766, bsc#1055121).
- powerpc/powernv: Clear PECE1 in LPCR via stop-api only on Hotplug (bsc#1119766, bsc#1055121).
- powerpc: Remove facility loadups on transactional {fp, vec, vsx} unavailable (bsc#1118338).
- powerpc: Remove redundant FP/Altivec giveup code (bsc#1118338).
- powerpc/setup: Add cpu_to_phys_id array (bsc#1109695).
- powerpc/smp: Add cpu_l2_cache_map (bsc#1109695).
- powerpc/smp: Add Power9 scheduler topology (bsc#1109695).
- powerpc/smp: Rework CPU topology construction (bsc#1109695).
- powerpc/smp: Use cpu_to_chip_id() to find core siblings (bsc#1109695).
- powerpc/tm: Avoid machine crash on rt_sigreturn (bsc#1118338).
- powerpc/tm: Do not check for WARN in TM Bad Thing handling (bsc#1118338).
- powerpc/tm: Fix comment (bsc#1118338).
- powerpc/tm: Fix endianness flip on trap (bsc#1118338).
- powerpc/tm: Fix HFSCR bit for no suspend case (bsc#1118338).
- powerpc/tm: Fix HTM documentation (bsc#1118338).
- powerpc/tm: Limit TM code inside PPC_TRANSACTIONAL_MEM (bsc#1118338).
- powerpc/tm: P9 disable transactionally suspended sigcontexts (bsc#1118338).
- powerpc/tm: Print 64-bits MSR (bsc#1118338).
- powerpc/tm: Print scratch value (bsc#1118338).
- powerpc/tm: Reformat comments (bsc#1118338).
- powerpc/tm: Remove msr_tm_active() (bsc#1118338).
- powerpc/tm: Remove struct thread_info param from tm_reclaim_thread() (bsc#1118338).
- powerpc/tm: Save MSR to PACA before RFID (bsc#1118338).
- powerpc/tm: Set MSR[TS] just prior to recheckpoint (bsc#1118338, bsc#1120955).
- powerpc/tm: Unset MSR[TS] if not recheckpointing (bsc#1118338).
- powerpc/tm: Update function prototype comment (bsc#1118338).
- powerpc: Use cpu_smallcore_sibling_mask at SMT level on bigcores (bsc#1109695).
- powerpc/xmon: Fix invocation inside lock region (bsc#1122885).
- pstore/ram: Avoid allocation and leak of platform data (bsc#1051510).
- pstore/ram: Avoid NULL deref in ftrace merging failure path (bsc#1051510).
- pstore/ram: Correctly calculate usable PRZ bytes (bsc#1051510).
- pstore/ram: Do not treat empty buffers as valid (bsc#1051510).
- ptp_kvm: probe for kvm guest availability (bsc#1098382).
- ptr_ring: wrap back ->producer in __ptr_ring_swap_queue() (networking-stable-19_01_04).
- qed: Avoid constant logical operation warning in qed_vf_pf_acquire (bsc#1086314 bsc#1086313 bsc#1086301).
- qed: Avoid implicit enum conversion in qed_iwarp_parse_rx_pkt (bsc#1086314 bsc#1086313 bsc#1086301 ).
- qed: Avoid implicit enum conversion in qed_roce_mode_to_flavor (bsc#1086314 bsc#1086313 bsc#1086301 ).
- qed: Avoid implicit enum conversion in qed_set_tunn_cls_info (bsc#1086314 bsc#1086313 bsc#1086301 ).
- qed: Fix an error code qed_ll2_start_xmit() (bsc#1086314 bsc#1086313 bsc#1086301).
- qed: Fix bitmap_weight() check (bsc#1086314 bsc#1086313 bsc#1086301).
- qed: Fix blocking/unlimited SPQ entries leak (bsc#1086314 bsc#1086313 bsc#1086301).
- qed: Fix command number mismatch between driver and the mfw (bsc#1086314 bsc#1086313 bsc#1086301 ).
- qed: Fix mask parameter in qed_vf_prep_tunn_req_tlv (bsc#1086314 bsc#1086313 bsc#1086301).
- qed: Fix memory/entry leak in qed_init_sp_request() (bsc#1086314 bsc#1086313 bsc#1086301).
- qed: Fix potential memory corruption (bsc#1086314 bsc#1086313 bsc#1086301).
- qed: Fix PTT leak in qed_drain() (bsc#1086314 bsc#1086313 bsc#1086301).
- qed: Fix QM getters to always return a valid pq (bsc#1086314 bsc#1086313 bsc#1086301).
- qed: Fix rdma_info structure allocation (bsc#1086314 bsc#1086313 bsc#1086301).
- qed: Fix reading wrong value in loop condition (bsc#1086314 bsc#1086313 bsc#1086301).
- qla2xxx: Fixup dual-protocol FCP connections (bsc#1108870).
- qmi_wwan: Added support for Fibocom NL668 series (networking-stable-19_01_04).
- qmi_wwan: Added support for Telit LN940 series (networking-stable-19_01_04).
- qmi_wwan: Add support for Fibocom NL678 series (networking-stable-19_01_04).
- rapidio/rionet: do not free skb before reading its length (networking-stable-18_12_03).
- RDMA/core: Fix unwinding flow in case of error to register device (bsc#1046306).
- Revert 'serial: 8250: Fix clearing FIFOs in RS485 mode again' (bsc#1051510).
- rpm/release-projects: Add SUSE:Maintenance:* for MU kernels (bsc#1123317)
- rtnetlink: ndo_dflt_fdb_dump() only work for ARPHRD_ETHER devices (networking-stable-18_12_12).
- s390/zcrypt: fix specification exception on z196 during ap probe (LTC#174936, bsc#1123061).
- sbus: char: add of_node_put() (bsc#1051510).
- sched/wait: Fix rcuwait_wake_up() ordering (git-fixes).
- scripts/git_sort/git_sort.py: Add mkp/scsi 5.0/scsi-fixes
- scripts/git_sort/git_sort.py: Add s390/linux.git fixes.
- scsi: qedi: Add ep_state for login completion on un-reachable targets (bsc#1113712).
- scsi: qla2xxx: Timeouts occur on surprise removal of QLogic adapter (bsc#1124985).
- scsi: target: make the pi_prot_format ConfigFS path readable (bsc#1123933).
- sctp: initialize sin6_flowinfo for ipv6 addrs in sctp_inet6addr_event (networking-stable-19_01_04).
- sctp: kfree_rcu asoc (networking-stable-18_12_12).
- selftests/powerpc: Use snprintf to construct DSCR sysfs interface paths (bsc#1124579).
- selinux: Add __GFP_NOWARN to allocation at str_read() (bsc#1051510).
- selinux: fix GPF on invalid policy (bsc#1051510).
- serial: imx: fix error handling in console_setup (bsc#1051510).
- serial: set suppress_bind_attrs flag only if builtin (bsc#1051510).
- serial/sunsu: fix refcount leak (bsc#1051510).
- serial: uartps: Fix interrupt mask issue to handle the RX interrupts properly (bsc#1051510).
- shmem: introduce shmem_inode_acct_block (VM Functionality, bsc#1121599).
- shmem: shmem_charge: verify max_block is not exceeded before inode update (VM Functionality, bsc#1121599).
- signal: Always deliver the kernel's SIGKILL and SIGSTOP to a pid namespace init (git-fixes).
- slab: alien caches must not be initialized if the allocation of the alien cache failed (git fixes (mm/slab)).
- smb3.1.1 dialect is no longer experimental (bsc#1051510).
- smb311: Fix reconnect (bsc#1051510).
- smb3: Add support for multidialect negotiate (SMB2.1 and later) (bsc#1051510).
- smb3: allow stats which track session and share reconnects to be reset (bsc#1051510).
- smb3: Backup intent flag missing for directory opens with backupuid mounts (bsc#1051510).
- smb3: check for and properly advertise directory lease support (bsc#1051510).
- smb3: directory sync should not return an error (bsc#1051510).
- smb3: do not attempt cifs operation in smb3 query info error path (bsc#1051510).
- smb3: do not request leases in symlink creation and query (bsc#1051510).
- smb3: Do not send SMB3 SET_INFO if nothing changed (bsc#1051510).
- smb3: enumerating snapshots was leaving part of the data off end (bsc#1051510).
- smb3: Fix length checking of SMB3.11 negotiate request (bsc#1051510).
- smb3: Fix root directory when server returns inode number of zero (bsc#1051510).
- smb3: fix various xid leaks (bsc#1051510).
- smb3: Improve security, move default dialect to SMB3 from old CIFS (bsc#1051510).
- smb3: on kerberos mount if server does not specify auth type use krb5 (bsc#1051510).
- smb3: Remove ifdef since SMB3 (and later) now STRONGLY preferred (bsc#1051510).
- smb3: simplify code by removing CONFIG_CIFS_SMB311 (bsc#1051510).
- staging: rtl8188eu: Add device code for D-Link DWA-121 rev B1 (bsc#1051510).
- sunrpc: correct the computation for page_ptr when truncating (git-fixes).
- sunrpc: Fix a potential race in xprt_connect() (git-fixes).
- sunrpc: Fix leak of krb5p encode pages (git-fixes).
- sunrpc: handle ENOMEM in rpcb_getport_async (git-fixes).
- sunrpc: safely reallow resvport min/max inversion (git-fixes).
- tcp: Do not underestimate rwnd_limited (networking-stable-18_12_12).
- tcp: fix a race in inet_diag_dump_icsk() (networking-stable-19_01_04).
- tcp: fix NULL ref in tail loss probe (networking-stable-18_12_12).
- tcp: lack of available data can also cause TSO defer (git-fixes).
- thermal: int340x_thermal: Fix a NULL vs IS_ERR() check (bsc#1051510).
- tipc: compare remote and local protocols in tipc_udp_enable() (networking-stable-19_01_04).
- tipc: fix a double kfree_skb() (networking-stable-19_01_04).
- tipc: use lock_sock() in tipc_sk_reinit() (networking-stable-19_01_04).
- tools/lib/lockdep: Rename 'trywlock' into 'trywrlock' (bsc#1121973).
- tty: Do not hold ldisc lock in tty_reopen() if ldisc present (bsc#1051510).
- tty: Handle problem if line discipline does not have receive_buf (bsc#1051510).
- tty/n_hdlc: fix __might_sleep warning (bsc#1051510).
- tty/serial: do not free trasnmit buffer page under port lock (bsc#1051510).
- tun: forbid iface creation with rtnl ops (networking-stable-18_12_12).
- uart: Fix crash in uart_write and uart_put_char (bsc#1051510).
- usb: Add USB_QUIRK_DELAY_CTRL_MSG quirk for Corsair K70 RGB (bsc#1120902).
- usb: cdc-acm: send ZLP for Telit 3G Intel based modems (bsc#1120902).
- usb: dwc3: gadget: Clear req->needs_extra_trb flag on cleanup (bsc#1120902).
- usb: dwc3: trace: add missing break statement to make compiler happy (bsc#1120902).
- usbnet: ipheth: fix potential recvmsg bug and recvmsg bug 2 (networking-stable-18_12_03).
- usb: serial: option: add Fibocom NL678 series (bsc#1120902).
- usb: serial: pl2303: add ids for Hewlett-Packard HP POS pole displays (bsc#1120902).
- usb: storage: add quirk for SMI SM3350 (bsc#1120902).
- usb: storage: do not insert sane sense for SPC3+ when bad sense specified (bsc#1120902).
- usb: xhci: fix 'broken_suspend' placement in struct xchi_hcd (bsc#1119086).
- vfs: Avoid softlockups in drop_pagecache_sb() (bsc#1118505).
- vhost: make sure used idx is seen before log in vhost_add_used_n() (networking-stable-19_01_04).
- virtio-net: fail XDP set if guest csum is negotiated (networking-stable-18_12_03).
- virtio-net: keep vnet header zeroed after processing XDP (networking-stable-18_12_12).
- vsock: Send reset control packet when socket is partially bound (networking-stable-19_01_04).
- vt: invoke notifier on screen size change (bsc#1051510).
- watchdog: w83627hf_wdt: Add quirk for Inves system (bsc#1106434).
- writeback: do not decrement wb->refcnt if !wb->bdi (git fixes (writeback)).
- x86/bugs: Add AMD's variant of SSB_NO (bsc#1114279).
- x86/bugs: Update when to check for the LS_CFG SSBD mitigation (bsc#1114279).
- x86/kvmclock: set pvti_cpu0_va after enabling kvmclock (bsc#1098382).
- x86/MCE: Initialize mce.bank in the case of a fatal error in mce_no_way_out() (bsc#1114279).
- x86/microcode/amd: Do not falsely trick the late loading mechanism (bsc#1114279).
- x86/mm: Drop usage of __flush_tlb_all() in kernel_physical_mapping_init() (bsc#1114279).
- x86, modpost: Replace last remnants of RETPOLINE with CONFIG_RETPOLINE (bsc#1114279).
- x86/pvclock: add setter for pvclock_pvti_cpu0_va (bsc#1098382).
- x86/resctrl: Fix rdt_find_domain() return value and checks (bsc#1114279).
- x86/speculation: Add RETPOLINE_AMD support to the inline asm CALL_NOSPEC variant (bsc#1114279).
- x86/speculation: Remove redundant arch_smt_update() invocation (bsc#1114279).
- x86/xen/time: Output xen sched_clock time from 0 (bsc#1098382).
- x86/xen/time: set pvclock flags on xen_time_init() (bsc#1098382).
- x86/xen/time: setup vcpu 0 time info page (bsc#1098382).
- xen: Fix x86 sched_clock() interface for xen (bsc#1098382).
- xhci: Add quirk to zero 64bit registers on Renesas PCIe controllers (bsc#1120854).
- xhci: workaround CSS timeout on AMD SNPS 3.0 xHC (bsc#1119086).
- xprtrdma: Reset credit grant properly after a disconnect (git-fixes).
Patchnames: openSUSE-2019-203
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.8 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
References
92 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2019-3459,CVE-2019-3460: Two information leaks in the bluetooth stack were fixed. (bnc#1120758).\n- CVE-2019-7221: A use-after-free in the KVM nVMX hrtimer was fixed. (bnc#1124732).\n- CVE-2019-7222: A information leak in exception handling in KVM could be used to expose host memory to guests. (bnc#1124735).\n- CVE-2019-6974: A use-after-free in the KVM device control API was fixed. (bnc#1124728).\n- CVE-2018-20669: Missing access control checks in ioctl of gpu/drm/i915 driver were fixed which might have lead to information leaks. (bnc#1122971).\n\nThe following non-security bugs were fixed:\n\n- 6lowpan: iphc: reset mac_header after decompress to fix panic (bsc#1051510).\n- 9p: clear dangling pointers in p9stat_free (bsc#1051510).\n- 9p locks: fix glock.client_id leak in do_lock (bsc#1051510).\n- 9p/net: put a lower bound on msize (bsc#1051510).\n- acpi/nfit: Block function zero DSMs (bsc#1051510).\n- acpi, nfit: Fix Address Range Scrub completion tracking (bsc#1124969).\n- acpi/nfit: Fix command-supported detection (bsc#1051510).\n- acpi/nfit: Fix race accessing memdev in nfit_get_smbios_id() (bsc#1122662).\n- acpi/nfit: Fix user-initiated ARS to be \u0027ARS-long\u0027 rather than \u0027ARS-short\u0027 (bsc#1124969).\n- ACPI: power: Skip duplicate power resource references in _PRx (bsc#1051510).\n- Add delay-init quirk for Corsair K70 RGB keyboards (bsc#1087092).\n- af_iucv: Move sockaddr length checks to before accessing sa_family in bind and connect handlers (bsc#1051510).\n- alsa: bebob: fix model-id of unit for Apogee Ensemble (bsc#1051510).\n- alsa: compress: Fix stop handling on compressed capture streams (bsc#1051510).\n- alsa: hda - Add mute LED support for HP ProBook 470 G5 (bsc#1051510).\n- alsa: hda/ca0132 - Fix build error without CONFIG_PCI (bsc#1051510).\n- alsa: hda/realtek - Fixed hp_pin no value (bsc#1051510).\n- alsa: hda/realtek - Fix lose hp_pins for disable auto mute (bsc#1051510).\n- alsa: hda/realtek - Use a common helper for hp pin reference (bsc#1051510).\n- alsa: hda - Serialize codec registrations (bsc#1122944).\n- alsa: hda - Use standard device registration for beep (bsc#1122944).\n- alsa: oxfw: add support for APOGEE duet FireWire (bsc#1051510).\n- alsa: usb-audio: Add Opus #3 to quirks for native DSD support (bsc#1051510).\n- alsa: usb-audio: Add support for new T+A USB DAC (bsc#1051510).\n- amd-xgbe: Fix mdio access for non-zero ports and clause 45 PHYs (bsc#1122927).\n- arm: 8802/1: Call syscall_trace_exit even when system call skipped (bsc#1051510).\n- arm: 8814/1: mm: improve/fix ARM v7_dma_inv_range() unaligned address handling (bsc#1051510).\n- arm: 8815/1: V7M: align v7m_dma_inv_range() with v7 counterpart (bsc#1051510).\n- arm/arm64: kvm:vgic: Force VM halt when changing the active state of GICv3 PPIs/SGIs (bsc#1051510).\n- arm: cns3xxx: Fix writing to wrong PCI config registers after alignment (bsc#1051510).\n- arm: cns3xxx: Use actual size reads for PCIe (bsc#1051510).\n- arm: imx: update the cpu power up timing setting on i.mx6sx (bsc#1051510).\n- arm: kvm:Fix VTTBR_BADDR_MASK BUG_ON off-by-one (bsc#1051510).\n- arm: mmp/mmp2: fix cpu_is_mmp2() on mmp2-dt (bsc#1051510).\n- arm: OMAP1: ams-delta: Fix possible use of uninitialized field (bsc#1051510).\n- arm: OMAP2+: prm44xx: Fix section annotation on omap44xx_prm_enable_io_wakeup (bsc#1051510).\n- ASoC: dma-sh7760: cleanup a debug printk (bsc#1051510).\n- ASoC: rt5514-spi: Fix potential NULL pointer dereference (bsc#1051510).\n- ax25: fix a use-after-free in ax25_fillin_cb() (networking-stable-19_01_04).\n- be2net: do not flip hw_features when VXLANs are added/deleted (bsc#1050252).\n- blkdev: avoid migration stalls for blkdev pages (bsc#1084216).\n- blk-mq: fix kernel oops in blk_mq_tag_idle() (bsc#1051510).\n- block: break discard submissions into the user defined size (git-fixes).\n- block: cleanup __blkdev_issue_discard() (git-fixes).\n- block: do not deal with discard limit in blkdev_issue_discard() (git-fixes).\n- block: fix 32 bit overflow in __blkdev_issue_discard() (git-fixes).\n- block: fix infinite loop if the device loses discard capability (git-fixes).\n- block: make sure discard bio is aligned with logical block size (git-fixes).\n- block: make sure writesame bio is aligned with logical block size (git-fixes).\n- block/swim3: Fix -EBUSY error when re-opening device after unmount (git-fixes).\n- bnx2x: Assign unique DMAE channel number for FW DMAE transactions (bsc#1086323).\n- bnx2x: Clear fip MAC when fcoe offload support is disabled (bsc#1086323).\n- bnx2x: Fix NULL pointer dereference in bnx2x_del_all_vlans() on some hw (bsc#1086323).\n- bnx2x: Remove configured vlans as part of unload sequence (bsc#1086323).\n- bnx2x: Send update-svid ramrod with retry/poll flags enabled (bsc#1086323).\n- bonding: update nest level on unlink (git-fixes).\n- bsg: allocate sense buffer if requested (bsc#1106811).\n- btrfs: qgroup: Fix root item corruption when multiple same source snapshots are created with quota enabled (bsc#1122324).\n- can: bcm: check timer values before ktime conversion (bsc#1051510).\n- can: dev: __can_get_echo_skb(): fix bogous check for non-existing skb by removing it (bsc#1051510).\n- can: gw: ensure DLC boundaries after CAN frame modification (bsc#1051510).\n- cdc-acm: fix abnormal DATA RX issue for Mediatek Preloader (bsc#1051510).\n- char/mwave: fix potential Spectre v1 vulnerability (bsc#1051510).\n- checkstack.pl: fix for aarch64 (bsc#1051510).\n- cifs: add missing debug entries for kconfig options (bsc#1051510).\n- cifs: add missing support for ACLs in SMB 3.11 (bsc#1051510).\n- cifs: add sha512 secmech (bsc#1051510).\n- cifs: Add support for reading attributes on SMB2+ (bsc#1051510).\n- cifs: Add support for writing attributes on SMB2+ (bsc#1051510).\n- cifs: do not log STATUS_NOT_FOUND errors for DFS (bsc#1051510).\n- cifs: Do not modify mid entry after submitting I/O in cifs_call_async (bsc#1051510).\n- cifs: Fix error mapping for SMB2_LOCK command which caused OFD lock problem (bsc#1051510).\n- cifs: Fix memory leak in smb2_set_ea() (bsc#1051510).\n- cifs: fix return value for cifs_listxattr (bsc#1051510).\n- cifs: Fix separator when building path from dentry (bsc#1051510).\n- cifs: fix set info (bsc#1051510).\n- cifs: fix sha512 check in cifs_crypto_secmech_release (bsc#1051510).\n- cifs: fix wrapping bugs in num_entries() (bsc#1051510).\n- cifs: For SMB2 security informaion query, check for minimum sized security descriptor instead of sizeof FileAllInformation class (bsc#1051510).\n- cifs: hide unused functions (bsc#1051510).\n- cifs: hide unused functions (bsc#1051510).\n- cifs: implement v3.11 preauth integrity (bsc#1051510).\n- cifs: make \u0027nodfs\u0027 mount opt a superblock flag (bsc#1051510).\n- cifs: prevent integer overflow in nxt_dir_entry() (bsc#1051510).\n- cifs: prototype declaration and definition for smb 2 - 3 and cifsacl mount options (bsc#1051510).\n- cifs: prototype declaration and definition to set acl for smb 2 - 3 and cifsacl mount options (bsc#1051510).\n- cifs: refactor crypto shash/sdesc allocation\u0026free (bsc#1051510).\n- cifs: smb2ops: Fix listxattr() when there are no EAs (bsc#1051510).\n- cifs: Use smb 2 - 3 and cifsacl mount options getacl functions (bsc#1051510).\n- cifs: Use smb 2 - 3 and cifsacl mount options setacl function (bsc#1051510).\n- cifs: Use ULL suffix for 64-bit constant (bsc#1051510).\n- clk: imx6q: reset exclusive gates on init (bsc#1051510).\n- clk: rockchip: fix typo in rk3188 spdif_frac parent (bsc#1051510).\n- clk: sunxi-ng: enable so-said LDOs for A64 SoC\u0027s pll-mipi clock (bsc#1051510).\n- clk: sunxi-ng: h3/h5: Fix CSI_MCLK parent (bsc#1051510).\n- cpufreq: imx6q: add return value check for voltage scale (bsc#1051510).\n- Cramfs: fix abad comparison when wrap-arounds occur (bsc#1051510).\n- crypto: authencesn - Avoid twice completion call in decrypt path (bsc#1051510).\n- crypto: authenc - fix parsing key with misaligned rta_len (bsc#1051510).\n- crypto: bcm - convert to use crypto_authenc_extractkeys() (bsc#1051510).\n- crypto: caam - fix zero-length buffer DMA mapping (bsc#1051510).\n- crypto: user - support incremental algorithm dumps (bsc#1120902).\n- dlm: fixed memory leaks after failed ls_remove_names allocation (bsc#1051510).\n- dlm: lost put_lkb on error path in receive_convert() and receive_unlock() (bsc#1051510).\n- dlm: memory leaks on error path in dlm_user_request() (bsc#1051510).\n- dlm: possible memory leak on error path in create_lkb() (bsc#1051510).\n- dmaengine: at_hdmac: fix memory leak in at_dma_xlate() (bsc#1051510).\n- dmaengine: at_hdmac: fix module unloading (bsc#1051510).\n- dmaengine: dma-jz4780: Return error if not probed from DT (bsc#1051510).\n- dmaengine: dw: Fix FIFO size for Intel Merrifield (bsc#1051510).\n- dmaengine: xilinx_dma: Remove __aligned attribute on zynqmp_dma_desc_ll (bsc#1051510).\n- dm cache metadata: verify cache has blocks in blocks_are_clean_separate_dirty() (git-fixes).\n- dm: call blk_queue_split() to impose device limits on bios (git-fixes).\n- dm: do not allow readahead to limit IO size (git-fixes).\n- dm thin: send event about thin-pool state change _after_ making it (git-fixes).\n- dm zoned: Fix target BIO completion handling (git-fixes).\n- Do not log expected error on DFS referral request (bsc#1051510).\n- driver core: Move async_synchronize_full call (bsc#1051510).\n- drivers: core: Remove glue dirs from sysfs earlier (bsc#1051510).\n- drivers/misc/sgi-gru: fix Spectre v1 vulnerability (bsc#1051510).\n- drivers/net/ethernet/qlogic/qed/qed_rdma.h: fix typo (bsc#1086314 bsc#1086313 bsc#1086301 ).\n- drivers/sbus/char: add of_node_put() (bsc#1051510).\n- drivers/tty: add missing of_node_put() (bsc#1051510).\n- drm/fb-helper: Ignore the value of fb_var_screeninfo.pixclock (bsc#1113722)\n- drm/fb-helper: Partially bring back workaround for bugs of SDL 1.2 (bsc#1113722)\n- drm/i915/gvt: Fix mmap range check (bsc#1120902)\n- drm/nouveau/tmr: detect stalled gpu timer and break out of waits (bsc#1123538).\n- drm/vmwgfx: Fix setting of dma masks (bsc#1120902)\n- drm/vmwgfx: Return error code from vmw_execbuf_copy_fence_user (bsc#1120902)\n- e1000e: allow non-monotonic SYSTIM readings (bsc#1051510).\n- exportfs: do not read dentry after free (bsc#1051510).\n- ext4: Fix crash during online resizing (bsc#1122779).\n- fanotify: fix handling of events on child sub-directory (bsc#1122019).\n- fat: validate -\u003ei_start before using (bsc#1051510).\n- fix smb3-encryption breakage when CONFIG_DEBUG_SG=y (bsc#1051510).\n- fork: do not copy inconsistent signal handler state to child (bsc#1051510).\n- fork: record start_time late (git-fixes).\n- fork: unconditionally clear stack on fork (git-fixes).\n- fs/cifs: require sha512 (bsc#1051510).\n- gpio: altera-a10sr: Set proper output level for direction_output (bsc#1051510).\n- gpio: pcf857x: Fix interrupts on multiple instances (bsc#1051510).\n- gpio: pl061: handle failed allocations (bsc#1051510).\n- gpio: pl061: Move irq_chip definition inside struct pl061 (bsc#1051510).\n- gpio: vf610: Mask all GPIO interrupts (bsc#1051510).\n- gro_cell: add napi_disable in gro_cells_destroy (networking-stable-19_01_04).\n- hfs: do not free node before using (bsc#1051510).\n- hfsplus: do not free node before using (bsc#1051510).\n- hfsplus: prevent btree data loss on root split (bsc#1051510).\n- hfs: prevent btree data loss on root split (bsc#1051510).\n- i2c: dev: prevent adapter retries and timeout being set as minus value (bsc#1051510).\n- i40e: fix mac filter delete when setting mac address (bsc#1056658 bsc#1056662).\n- i40e: report correct statistics when XDP is enabled (bsc#1056658 bsc#1056662).\n- i40e: restore NETIF_F_GSO_IPXIP to netdev features (bsc#1056658 bsc#1056662).\n- ibmveth: Do not process frames after calling napi_reschedule (bcs#1123357).\n- ibmveth: fix DMA unmap error in ibmveth_xmit_start error path (networking-stable-19_01_04).\n- ibmvnic: Add ethtool private flag for driver-defined queue limits (bsc#1121726).\n- ibmvnic: Increase maximum queue size limit (bsc#1121726).\n- ibmvnic: Introduce driver limits for ring sizes (bsc#1121726).\n- ide: pmac: add of_node_put() (bsc#1051510).\n- ieee802154: lowpan_header_create check must check daddr (networking-stable-19_01_04).\n- input: elan_i2c - add ACPI ID for touchpad in ASUS Aspire F5-573G (bsc#1051510).\n- input: omap-keypad - fix idle configuration to not block SoC idle states (bsc#1051510).\n- input: raspberrypi-ts - fix link error (git-fixes).\n- input: restore EV_ABS ABS_RESERVED (bsc#1051510).\n- input: synaptics - enable RMI on ThinkPad T560 (bsc#1051510).\n- input: synaptics - enable SMBus for HP EliteBook 840 G4 (bsc#1051510).\n- input: xpad - add support for SteelSeries Stratus Duo (bsc#1111666).\n- iommu/amd: Call free_iova_fast with pfn in map_sg (bsc#1106105).\n- iommu/amd: Fix IOMMU page flush when detach device from a domain (bsc#1106105).\n- iommu/amd: Unmap all mapped pages in error path of map_sg (bsc#1106105).\n- iommu/vt-d: Fix memory leak in intel_iommu_put_resv_regions() (bsc#1106105).\n- ip6mr: Fix potential Spectre v1 vulnerability (networking-stable-19_01_04).\n- ipmi:pci: Blacklist a Realtek \u0027IPMI\u0027 device (git-fixes).\n- ipmi:ssif: Fix handling of multi-part return messages (bsc#1051510).\n- ip: on queued skb use skb_header_pointer instead of pskb_may_pull (git-fixes).\n- ipv4: Fix potential Spectre v1 vulnerability (networking-stable-19_01_04).\n- ipv4: ipv6: netfilter: Adjust the frag mem limit when truesize changes (networking-stable-18_12_12).\n- ipv6: Check available headroom in ip6_xmit() even without options (networking-stable-18_12_12).\n- ipv6: explicitly initialize udp6_addr in udp_sock_create6() (networking-stable-19_01_04).\n- ipv6: sr: properly initialize flowi6 prior passing to ip6_route_output (networking-stable-18_12_12).\n- ipv6: tunnels: fix two use-after-free (networking-stable-19_01_04).\n- ip: validate header length on virtual device xmit (networking-stable-19_01_04).\n- iscsi target: fix session creation failure handling (bsc#1051510).\n- isdn: fix kernel-infoleak in capi_unlocked_ioctl (bsc#1051510).\n- iwlwifi: fix non_shared_ant for 22000 devices (bsc#1119086).\n- iwlwifi: fix wrong WGDS_WIFI_DATA_SIZE (bsc#1119086).\n- iwlwifi: mvm: do not send GEO_TX_POWER_LIMIT to old firmwares (bsc#1119086).\n- jffs2: Fix use of uninitialized delayed_work, lockdep breakage (bsc#1051510).\n- kABI: fix xhci kABI stability (bsc#1119086).\n- kABI: protect struct sctp_association (kabi).\n- kABI workaround for deleted snd_hda_register_beep_device() (bsc#1122944).\n- kABI workaround for snd_hda_bus.bus_probing addition (bsc#1122944).\n- kdb: use memmove instead of overlapping memcpy (bsc#1120954).\n- kernel/exit.c: release ptraced tasks before zap_pid_ns_processes (git-fixes).\n- kvm: arm/arm64: Properly protect VGIC locks from IRQs (bsc#1117155).\n- kvm: arm/arm64: VGIC/ITS: Promote irq_lock() in update_affinity (bsc#1117155).\n- kvm: arm/arm64: VGIC/ITS: protect kvm_read_guest() calls with SRCU lock (bsc#1117155).\n- kvm: arm/arm64: VGIC/ITS save/restore: protect kvm_read_guest() calls (bsc#1117155).\n- kvm: PPC: Book3S PR: Set hflag to indicate that POWER9 supports 1T segments (bsc#1124589).\n- kvm: sev: Fail KVM_SEV_INIT if already initialized (bsc#1114279).\n- kvm: x86: fix L1TF\u0027s MMIO GFN calculation (bsc#1124204).\n- lan78xx: Resolve issue with changing MAC address (bsc#1051510).\n- libertas_tf: prevent underflow in process_cmdrequest() (bsc#1119086).\n- lib/rbtree-test: lower default params (git-fixes).\n- lockd: fix access beyond unterminated strings in prints (git-fixes).\n- LSM: Check for NULL cred-security on free (bsc#1051510).\n- md: fix raid10 hang issue caused by barrier (git-fixes).\n- media: firewire: Fix app_info parameter type in avc_ca{,_app}_info (bsc#1051510).\n- media: usb: pwc: Do not use coherent DMA buffers for ISO transfer (bsc#1054610).\n- media: v4l2-tpg: array index could become negative (bsc#1051510).\n- media: v4l: ioctl: Validate num_planes for debug messages (bsc#1051510).\n- media: vb2: be sure to unlock mutex on errors (bsc#1051510).\n- media: vb2: vb2_mmap: move lock up (bsc#1051510).\n- media: vivid: fix error handling of kthread_run (bsc#1051510).\n- media: vivid: free bitmap_cap when updating std/timings/etc (bsc#1051510).\n- media: vivid: set min width/height to a value \u003e 0 (bsc#1051510).\n- mfd: ab8500-core: Return zero in get_register_interruptible() (bsc#1051510).\n- mfd: tps6586x: Handle interrupts on suspend (bsc#1051510).\n- misc: atmel-ssc: Fix section annotation on atmel_ssc_get_driver_data (bsc#1051510).\n- misc: hmc6352: fix potential Spectre v1 (bsc#1051510).\n- misc: mic/scif: fix copy-paste error in scif_create_remote_lookup (bsc#1051510).\n- misc: mic: SCIF Fix scif_get_new_port() error handling (bsc#1051510).\n- misc: sram: enable clock before registering regions (bsc#1051510).\n- misc: sram: fix resource leaks in probe error path (bsc#1051510).\n- misc: ti-st: Fix memory leak in the error path of probe() (bsc#1051510).\n- misc: vexpress: Off by one in vexpress_syscfg_exec() (bsc#1051510).\n- mmc: atmel-mci: do not assume idle after atmci_request_end (bsc#1051510).\n- mmc: bcm2835: Fix DMA channel leak on probe error (bsc#1051510).\n- mmc: dw_mmc-bluefield: : Fix the license information (bsc#1051510).\n- mmc: sdhci-iproc: handle mmc_of_parse() errors during probe (bsc#1051510).\n- mm/huge_memory: fix lockdep complaint on 32-bit i_size_read() (VM Functionality, bsc#1121599).\n- mm/huge_memory: rename freeze_page() to unmap_page() (VM Functionality, bsc#1121599).\n- mm/huge_memory: splitting set mapping+index before unfreeze (VM Functionality, bsc#1121599).\n- mm/khugepaged: collapse_shmem() do not crash on Compound (VM Functionality, bsc#1121599).\n- mm/khugepaged: collapse_shmem() remember to clear holes (VM Functionality, bsc#1121599).\n- mm/khugepaged: collapse_shmem() stop if punched or truncated (VM Functionality, bsc#1121599).\n- mm/khugepaged: collapse_shmem() without freezing new_page (VM Functionality, bsc#1121599).\n- mm/khugepaged: fix crashes due to misaccounted holes (VM Functionality, bsc#1121599).\n- mm/khugepaged: minor reorderings in collapse_shmem() (VM Functionality, bsc#1121599).\n- mm: migrate: lock buffers before migrate_page_move_mapping() (bsc#1084216).\n- mm: migrate: Make buffer_migrate_page_norefs() actually succeed (bsc#1084216)\n- mm: migrate: provide buffer_migrate_page_norefs() (bsc#1084216).\n- mm: migration: factor out code to compute expected number of page references (bsc#1084216).\n- Move the upstreamed HD-audio fix into sorted section\n- mpt3sas: check sense buffer before copying sense data (bsc#1106811).\n- neighbour: Avoid writing before skb-\u003ehead in neigh_hh_output() (networking-stable-18_12_12).\n- net: 8139cp: fix a BUG triggered by changing mtu with network traffic (networking-stable-18_12_12).\n- net: core: Fix Spectre v1 vulnerability (networking-stable-19_01_04).\n- net/hamradio/6pack: use mod_timer() to rearm timers (networking-stable-19_01_04).\n- net: hns3: add error handler for hns3_nic_init_vector_data() (bsc#1104353).\n- net: hns3: add handling for big TX fragment (bsc#1104353 ).\n- net: hns3: Fix client initialize state issue when roce client initialize failed (bsc#1104353).\n- net: hns3: Fix for loopback selftest failed problem (bsc#1104353 ).\n- net: hns3: fix for multiple unmapping DMA problem (bsc#1104353 ).\n- net: hns3: Fix tc setup when netdev is first up (bsc#1104353 ).\n- net: hns3: Fix tqp array traversal condition for vf (bsc#1104353 ).\n- net: hns3: move DMA map into hns3_fill_desc (bsc#1104353 ).\n- net: hns3: remove hns3_fill_desc_tso (bsc#1104353).\n- net: hns3: rename hns_nic_dma_unmap (bsc#1104353).\n- net: hns3: rename the interface for init_client_instance and uninit_client_instance (bsc#1104353).\n- net: macb: restart tx after tx used bit read (networking-stable-19_01_04).\n- net/mlx4_en: Change min MTU size to ETH_MIN_MTU (networking-stable-18_12_12).\n- net/mlx5e: Remove the false indication of software timestamping support (networking-stable-19_01_04).\n- net/mlx5: Typo fix in del_sw_hw_rule (networking-stable-19_01_04).\n- net: phy: do not allow __set_phy_supported to add unsupported modes (networking-stable-18_12_12).\n- net: phy: Fix the issue that netif always links up after resuming (networking-stable-19_01_04).\n- netrom: fix locking in nr_find_socket() (networking-stable-19_01_04).\n- net: skb_scrub_packet(): Scrub offload_fwd_mark (networking-stable-18_12_03).\n- net/smc: fix TCP fallback socket release (networking-stable-19_01_04).\n- net: stmmac: Fix PCI module removal leak (git-fixes).\n- net: thunderx: set tso_hdrs pointer to NULL in nicvf_free_snd_queue (networking-stable-18_12_03).\n- net: thunderx: set xdp_prog to NULL if bpf_prog_add fails (networking-stable-18_12_03).\n- net/wan: fix a double free in x25_asy_open_tty() (networking-stable-19_01_04).\n- nfsd: COPY and CLONE operations require the saved filehandle to be set (git-fixes).\n- nfsd: Fix an Oops in free_session() (git-fixes).\n- nfs: Fix a missed page unlock after pg_doio() (git-fixes).\n- NFS: Fix up return value on fatal errors in nfs_page_async_flush() (git-fixes).\n- NFSv4.1: Fix the r/wsize checking (git-fixes).\n- NFSv4: Do not exit the state manager without clearing NFS4CLNT_MANAGER_RUNNING (git-fixes).\n- nvme-multipath: round-robin I/O policy (bsc#1110705).\n- omap2fb: Fix stack memory disclosure (bsc#1120902)\n- packet: Do not leak dev refcounts on error exit (git-fixes).\n- packet: validate address length if non-zero (networking-stable-19_01_04).\n- packet: validate address length (networking-stable-19_01_04).\n- PCI: Disable broken RTIT_BAR of Intel TH (bsc#1120318).\n- phonet: af_phonet: Fix Spectre v1 vulnerability (networking-stable-19_01_04).\n- platform/x86: asus-nb-wmi: Drop mapping of 0x33 and 0x34 scan codes (bsc#1051510).\n- platform/x86: asus-nb-wmi: Map 0x35 to KEY_SCREENLOCK (bsc#1051510).\n- platform/x86: asus-wmi: Tell the EC the OS will handle the display off hotkey (bsc#1051510).\n- powerpc: Always save/restore checkpointed regs during treclaim/trecheckpoint (bsc#1118338).\n- powerpc/cacheinfo: Report the correct shared_cpu_map on big-cores (bsc#1109695).\n- powerpc: Detect the presence of big-cores via \u0027ibm, thread-groups\u0027 (bsc#1109695).\n- powerpc: make use of for_each_node_by_type() instead of open-coding it (bsc#1109695).\n- powerpc/powernv: Clear LPCR[PECE1] via stop-api only for deep state offline (bsc#1119766, bsc#1055121).\n- powerpc/powernv: Clear PECE1 in LPCR via stop-api only on Hotplug (bsc#1119766, bsc#1055121).\n- powerpc: Remove facility loadups on transactional {fp, vec, vsx} unavailable (bsc#1118338).\n- powerpc: Remove redundant FP/Altivec giveup code (bsc#1118338).\n- powerpc/setup: Add cpu_to_phys_id array (bsc#1109695).\n- powerpc/smp: Add cpu_l2_cache_map (bsc#1109695).\n- powerpc/smp: Add Power9 scheduler topology (bsc#1109695).\n- powerpc/smp: Rework CPU topology construction (bsc#1109695).\n- powerpc/smp: Use cpu_to_chip_id() to find core siblings (bsc#1109695).\n- powerpc/tm: Avoid machine crash on rt_sigreturn (bsc#1118338).\n- powerpc/tm: Do not check for WARN in TM Bad Thing handling (bsc#1118338).\n- powerpc/tm: Fix comment (bsc#1118338).\n- powerpc/tm: Fix endianness flip on trap (bsc#1118338).\n- powerpc/tm: Fix HFSCR bit for no suspend case (bsc#1118338).\n- powerpc/tm: Fix HTM documentation (bsc#1118338).\n- powerpc/tm: Limit TM code inside PPC_TRANSACTIONAL_MEM (bsc#1118338).\n- powerpc/tm: P9 disable transactionally suspended sigcontexts (bsc#1118338).\n- powerpc/tm: Print 64-bits MSR (bsc#1118338).\n- powerpc/tm: Print scratch value (bsc#1118338).\n- powerpc/tm: Reformat comments (bsc#1118338).\n- powerpc/tm: Remove msr_tm_active() (bsc#1118338).\n- powerpc/tm: Remove struct thread_info param from tm_reclaim_thread() (bsc#1118338).\n- powerpc/tm: Save MSR to PACA before RFID (bsc#1118338).\n- powerpc/tm: Set MSR[TS] just prior to recheckpoint (bsc#1118338, bsc#1120955).\n- powerpc/tm: Unset MSR[TS] if not recheckpointing (bsc#1118338).\n- powerpc/tm: Update function prototype comment (bsc#1118338).\n- powerpc: Use cpu_smallcore_sibling_mask at SMT level on bigcores (bsc#1109695).\n- powerpc/xmon: Fix invocation inside lock region (bsc#1122885).\n- pstore/ram: Avoid allocation and leak of platform data (bsc#1051510).\n- pstore/ram: Avoid NULL deref in ftrace merging failure path (bsc#1051510).\n- pstore/ram: Correctly calculate usable PRZ bytes (bsc#1051510).\n- pstore/ram: Do not treat empty buffers as valid (bsc#1051510).\n- ptp_kvm: probe for kvm guest availability (bsc#1098382).\n- ptr_ring: wrap back -\u003eproducer in __ptr_ring_swap_queue() (networking-stable-19_01_04).\n- qed: Avoid constant logical operation warning in qed_vf_pf_acquire (bsc#1086314 bsc#1086313 bsc#1086301).\n- qed: Avoid implicit enum conversion in qed_iwarp_parse_rx_pkt (bsc#1086314 bsc#1086313 bsc#1086301 ).\n- qed: Avoid implicit enum conversion in qed_roce_mode_to_flavor (bsc#1086314 bsc#1086313 bsc#1086301 ).\n- qed: Avoid implicit enum conversion in qed_set_tunn_cls_info (bsc#1086314 bsc#1086313 bsc#1086301 ).\n- qed: Fix an error code qed_ll2_start_xmit() (bsc#1086314 bsc#1086313 bsc#1086301).\n- qed: Fix bitmap_weight() check (bsc#1086314 bsc#1086313 bsc#1086301).\n- qed: Fix blocking/unlimited SPQ entries leak (bsc#1086314 bsc#1086313 bsc#1086301).\n- qed: Fix command number mismatch between driver and the mfw (bsc#1086314 bsc#1086313 bsc#1086301 ).\n- qed: Fix mask parameter in qed_vf_prep_tunn_req_tlv (bsc#1086314 bsc#1086313 bsc#1086301).\n- qed: Fix memory/entry leak in qed_init_sp_request() (bsc#1086314 bsc#1086313 bsc#1086301).\n- qed: Fix potential memory corruption (bsc#1086314 bsc#1086313 bsc#1086301).\n- qed: Fix PTT leak in qed_drain() (bsc#1086314 bsc#1086313 bsc#1086301).\n- qed: Fix QM getters to always return a valid pq (bsc#1086314 bsc#1086313 bsc#1086301).\n- qed: Fix rdma_info structure allocation (bsc#1086314 bsc#1086313 bsc#1086301).\n- qed: Fix reading wrong value in loop condition (bsc#1086314 bsc#1086313 bsc#1086301).\n- qla2xxx: Fixup dual-protocol FCP connections (bsc#1108870).\n- qmi_wwan: Added support for Fibocom NL668 series (networking-stable-19_01_04).\n- qmi_wwan: Added support for Telit LN940 series (networking-stable-19_01_04).\n- qmi_wwan: Add support for Fibocom NL678 series (networking-stable-19_01_04).\n- rapidio/rionet: do not free skb before reading its length (networking-stable-18_12_03).\n- RDMA/core: Fix unwinding flow in case of error to register device (bsc#1046306).\n- Revert \u0027serial: 8250: Fix clearing FIFOs in RS485 mode again\u0027 (bsc#1051510).\n- rpm/release-projects: Add SUSE:Maintenance:* for MU kernels (bsc#1123317)\n- rtnetlink: ndo_dflt_fdb_dump() only work for ARPHRD_ETHER devices (networking-stable-18_12_12).\n- s390/zcrypt: fix specification exception on z196 during ap probe (LTC#174936, bsc#1123061).\n- sbus: char: add of_node_put() (bsc#1051510).\n- sched/wait: Fix rcuwait_wake_up() ordering (git-fixes).\n- scripts/git_sort/git_sort.py: Add mkp/scsi 5.0/scsi-fixes\n- scripts/git_sort/git_sort.py: Add s390/linux.git fixes.\n- scsi: qedi: Add ep_state for login completion on un-reachable targets (bsc#1113712).\n- scsi: qla2xxx: Timeouts occur on surprise removal of QLogic adapter (bsc#1124985).\n- scsi: target: make the pi_prot_format ConfigFS path readable (bsc#1123933).\n- sctp: initialize sin6_flowinfo for ipv6 addrs in sctp_inet6addr_event (networking-stable-19_01_04).\n- sctp: kfree_rcu asoc (networking-stable-18_12_12).\n- selftests/powerpc: Use snprintf to construct DSCR sysfs interface paths (bsc#1124579).\n- selinux: Add __GFP_NOWARN to allocation at str_read() (bsc#1051510).\n- selinux: fix GPF on invalid policy (bsc#1051510).\n- serial: imx: fix error handling in console_setup (bsc#1051510).\n- serial: set suppress_bind_attrs flag only if builtin (bsc#1051510).\n- serial/sunsu: fix refcount leak (bsc#1051510).\n- serial: uartps: Fix interrupt mask issue to handle the RX interrupts properly (bsc#1051510).\n- shmem: introduce shmem_inode_acct_block (VM Functionality, bsc#1121599).\n- shmem: shmem_charge: verify max_block is not exceeded before inode update (VM Functionality, bsc#1121599).\n- signal: Always deliver the kernel\u0027s SIGKILL and SIGSTOP to a pid namespace init (git-fixes).\n- slab: alien caches must not be initialized if the allocation of the alien cache failed (git fixes (mm/slab)).\n- smb3.1.1 dialect is no longer experimental (bsc#1051510).\n- smb311: Fix reconnect (bsc#1051510).\n- smb3: Add support for multidialect negotiate (SMB2.1 and later) (bsc#1051510).\n- smb3: allow stats which track session and share reconnects to be reset (bsc#1051510).\n- smb3: Backup intent flag missing for directory opens with backupuid mounts (bsc#1051510).\n- smb3: check for and properly advertise directory lease support (bsc#1051510).\n- smb3: directory sync should not return an error (bsc#1051510).\n- smb3: do not attempt cifs operation in smb3 query info error path (bsc#1051510).\n- smb3: do not request leases in symlink creation and query (bsc#1051510).\n- smb3: Do not send SMB3 SET_INFO if nothing changed (bsc#1051510).\n- smb3: enumerating snapshots was leaving part of the data off end (bsc#1051510).\n- smb3: Fix length checking of SMB3.11 negotiate request (bsc#1051510).\n- smb3: Fix root directory when server returns inode number of zero (bsc#1051510).\n- smb3: fix various xid leaks (bsc#1051510).\n- smb3: Improve security, move default dialect to SMB3 from old CIFS (bsc#1051510).\n- smb3: on kerberos mount if server does not specify auth type use krb5 (bsc#1051510).\n- smb3: Remove ifdef since SMB3 (and later) now STRONGLY preferred (bsc#1051510).\n- smb3: simplify code by removing CONFIG_CIFS_SMB311 (bsc#1051510).\n- staging: rtl8188eu: Add device code for D-Link DWA-121 rev B1 (bsc#1051510).\n- sunrpc: correct the computation for page_ptr when truncating (git-fixes).\n- sunrpc: Fix a potential race in xprt_connect() (git-fixes).\n- sunrpc: Fix leak of krb5p encode pages (git-fixes).\n- sunrpc: handle ENOMEM in rpcb_getport_async (git-fixes).\n- sunrpc: safely reallow resvport min/max inversion (git-fixes).\n- tcp: Do not underestimate rwnd_limited (networking-stable-18_12_12).\n- tcp: fix a race in inet_diag_dump_icsk() (networking-stable-19_01_04).\n- tcp: fix NULL ref in tail loss probe (networking-stable-18_12_12).\n- tcp: lack of available data can also cause TSO defer (git-fixes).\n- thermal: int340x_thermal: Fix a NULL vs IS_ERR() check (bsc#1051510).\n- tipc: compare remote and local protocols in tipc_udp_enable() (networking-stable-19_01_04).\n- tipc: fix a double kfree_skb() (networking-stable-19_01_04).\n- tipc: use lock_sock() in tipc_sk_reinit() (networking-stable-19_01_04).\n- tools/lib/lockdep: Rename \u0027trywlock\u0027 into \u0027trywrlock\u0027 (bsc#1121973).\n- tty: Do not hold ldisc lock in tty_reopen() if ldisc present (bsc#1051510).\n- tty: Handle problem if line discipline does not have receive_buf (bsc#1051510).\n- tty/n_hdlc: fix __might_sleep warning (bsc#1051510).\n- tty/serial: do not free trasnmit buffer page under port lock (bsc#1051510).\n- tun: forbid iface creation with rtnl ops (networking-stable-18_12_12).\n- uart: Fix crash in uart_write and uart_put_char (bsc#1051510).\n- usb: Add USB_QUIRK_DELAY_CTRL_MSG quirk for Corsair K70 RGB (bsc#1120902).\n- usb: cdc-acm: send ZLP for Telit 3G Intel based modems (bsc#1120902).\n- usb: dwc3: gadget: Clear req-\u003eneeds_extra_trb flag on cleanup (bsc#1120902).\n- usb: dwc3: trace: add missing break statement to make compiler happy (bsc#1120902).\n- usbnet: ipheth: fix potential recvmsg bug and recvmsg bug 2 (networking-stable-18_12_03).\n- usb: serial: option: add Fibocom NL678 series (bsc#1120902).\n- usb: serial: pl2303: add ids for Hewlett-Packard HP POS pole displays (bsc#1120902).\n- usb: storage: add quirk for SMI SM3350 (bsc#1120902).\n- usb: storage: do not insert sane sense for SPC3+ when bad sense specified (bsc#1120902).\n- usb: xhci: fix \u0027broken_suspend\u0027 placement in struct xchi_hcd (bsc#1119086).\n- vfs: Avoid softlockups in drop_pagecache_sb() (bsc#1118505).\n- vhost: make sure used idx is seen before log in vhost_add_used_n() (networking-stable-19_01_04).\n- virtio-net: fail XDP set if guest csum is negotiated (networking-stable-18_12_03).\n- virtio-net: keep vnet header zeroed after processing XDP (networking-stable-18_12_12).\n- vsock: Send reset control packet when socket is partially bound (networking-stable-19_01_04).\n- vt: invoke notifier on screen size change (bsc#1051510).\n- watchdog: w83627hf_wdt: Add quirk for Inves system (bsc#1106434).\n- writeback: do not decrement wb-\u003erefcnt if !wb-\u003ebdi (git fixes (writeback)).\n- x86/bugs: Add AMD\u0027s variant of SSB_NO (bsc#1114279).\n- x86/bugs: Update when to check for the LS_CFG SSBD mitigation (bsc#1114279).\n- x86/kvmclock: set pvti_cpu0_va after enabling kvmclock (bsc#1098382).\n- x86/MCE: Initialize mce.bank in the case of a fatal error in mce_no_way_out() (bsc#1114279).\n- x86/microcode/amd: Do not falsely trick the late loading mechanism (bsc#1114279).\n- x86/mm: Drop usage of __flush_tlb_all() in kernel_physical_mapping_init() (bsc#1114279).\n- x86, modpost: Replace last remnants of RETPOLINE with CONFIG_RETPOLINE (bsc#1114279).\n- x86/pvclock: add setter for pvclock_pvti_cpu0_va (bsc#1098382).\n- x86/resctrl: Fix rdt_find_domain() return value and checks (bsc#1114279).\n- x86/speculation: Add RETPOLINE_AMD support to the inline asm CALL_NOSPEC variant (bsc#1114279).\n- x86/speculation: Remove redundant arch_smt_update() invocation (bsc#1114279).\n- x86/xen/time: Output xen sched_clock time from 0 (bsc#1098382).\n- x86/xen/time: set pvclock flags on xen_time_init() (bsc#1098382).\n- x86/xen/time: setup vcpu 0 time info page (bsc#1098382).\n- xen: Fix x86 sched_clock() interface for xen (bsc#1098382).\n- xhci: Add quirk to zero 64bit registers on Renesas PCIe controllers (bsc#1120854).\n- xhci: workaround CSS timeout on AMD SNPS 3.0 xHC (bsc#1119086).\n- xprtrdma: Reset credit grant properly after a disconnect (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2019-203",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2019_0203-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2019:0203-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UIEBC5XKVMKKVG2FBX5VPRFS2CNKDSF3/#UIEBC5XKVMKKVG2FBX5VPRFS2CNKDSF3"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2019:0203-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UIEBC5XKVMKKVG2FBX5VPRFS2CNKDSF3/#UIEBC5XKVMKKVG2FBX5VPRFS2CNKDSF3"
},
{
"category": "self",
"summary": "SUSE Bug 1046306",
"url": "https://bugzilla.suse.com/1046306"
},
{
"category": "self",
"summary": "SUSE Bug 1050252",
"url": "https://bugzilla.suse.com/1050252"
},
{
"category": "self",
"summary": "SUSE Bug 1051510",
"url": "https://bugzilla.suse.com/1051510"
},
{
"category": "self",
"summary": "SUSE Bug 1054610",
"url": "https://bugzilla.suse.com/1054610"
},
{
"category": "self",
"summary": "SUSE Bug 1055121",
"url": "https://bugzilla.suse.com/1055121"
},
{
"category": "self",
"summary": "SUSE Bug 1056658",
"url": "https://bugzilla.suse.com/1056658"
},
{
"category": "self",
"summary": "SUSE Bug 1056662",
"url": "https://bugzilla.suse.com/1056662"
},
{
"category": "self",
"summary": "SUSE Bug 1084216",
"url": "https://bugzilla.suse.com/1084216"
},
{
"category": "self",
"summary": "SUSE Bug 1086301",
"url": "https://bugzilla.suse.com/1086301"
},
{
"category": "self",
"summary": "SUSE Bug 1086313",
"url": "https://bugzilla.suse.com/1086313"
},
{
"category": "self",
"summary": "SUSE Bug 1086314",
"url": "https://bugzilla.suse.com/1086314"
},
{
"category": "self",
"summary": "SUSE Bug 1086323",
"url": "https://bugzilla.suse.com/1086323"
},
{
"category": "self",
"summary": "SUSE Bug 1087082",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "self",
"summary": "SUSE Bug 1087092",
"url": "https://bugzilla.suse.com/1087092"
},
{
"category": "self",
"summary": "SUSE Bug 1098382",
"url": "https://bugzilla.suse.com/1098382"
},
{
"category": "self",
"summary": "SUSE Bug 1098425",
"url": "https://bugzilla.suse.com/1098425"
},
{
"category": "self",
"summary": "SUSE Bug 1104353",
"url": "https://bugzilla.suse.com/1104353"
},
{
"category": "self",
"summary": "SUSE Bug 1106105",
"url": "https://bugzilla.suse.com/1106105"
},
{
"category": "self",
"summary": "SUSE Bug 1106434",
"url": "https://bugzilla.suse.com/1106434"
},
{
"category": "self",
"summary": "SUSE Bug 1106811",
"url": "https://bugzilla.suse.com/1106811"
},
{
"category": "self",
"summary": "SUSE Bug 1108870",
"url": "https://bugzilla.suse.com/1108870"
},
{
"category": "self",
"summary": "SUSE Bug 1109695",
"url": "https://bugzilla.suse.com/1109695"
},
{
"category": "self",
"summary": "SUSE Bug 1110705",
"url": "https://bugzilla.suse.com/1110705"
},
{
"category": "self",
"summary": "SUSE Bug 1111666",
"url": "https://bugzilla.suse.com/1111666"
},
{
"category": "self",
"summary": "SUSE Bug 1113712",
"url": "https://bugzilla.suse.com/1113712"
},
{
"category": "self",
"summary": "SUSE Bug 1113722",
"url": "https://bugzilla.suse.com/1113722"
},
{
"category": "self",
"summary": "SUSE Bug 1114279",
"url": "https://bugzilla.suse.com/1114279"
},
{
"category": "self",
"summary": "SUSE Bug 1117155",
"url": "https://bugzilla.suse.com/1117155"
},
{
"category": "self",
"summary": "SUSE Bug 1118338",
"url": "https://bugzilla.suse.com/1118338"
},
{
"category": "self",
"summary": "SUSE Bug 1118505",
"url": "https://bugzilla.suse.com/1118505"
},
{
"category": "self",
"summary": "SUSE Bug 1119086",
"url": "https://bugzilla.suse.com/1119086"
},
{
"category": "self",
"summary": "SUSE Bug 1119766",
"url": "https://bugzilla.suse.com/1119766"
},
{
"category": "self",
"summary": "SUSE Bug 1120318",
"url": "https://bugzilla.suse.com/1120318"
},
{
"category": "self",
"summary": "SUSE Bug 1120758",
"url": "https://bugzilla.suse.com/1120758"
},
{
"category": "self",
"summary": "SUSE Bug 1120854",
"url": "https://bugzilla.suse.com/1120854"
},
{
"category": "self",
"summary": "SUSE Bug 1120902",
"url": "https://bugzilla.suse.com/1120902"
},
{
"category": "self",
"summary": "SUSE Bug 1120954",
"url": "https://bugzilla.suse.com/1120954"
},
{
"category": "self",
"summary": "SUSE Bug 1120955",
"url": "https://bugzilla.suse.com/1120955"
},
{
"category": "self",
"summary": "SUSE Bug 1121599",
"url": "https://bugzilla.suse.com/1121599"
},
{
"category": "self",
"summary": "SUSE Bug 1121726",
"url": "https://bugzilla.suse.com/1121726"
},
{
"category": "self",
"summary": "SUSE Bug 1121973",
"url": "https://bugzilla.suse.com/1121973"
},
{
"category": "self",
"summary": "SUSE Bug 1122019",
"url": "https://bugzilla.suse.com/1122019"
},
{
"category": "self",
"summary": "SUSE Bug 1122324",
"url": "https://bugzilla.suse.com/1122324"
},
{
"category": "self",
"summary": "SUSE Bug 1122554",
"url": "https://bugzilla.suse.com/1122554"
},
{
"category": "self",
"summary": "SUSE Bug 1122662",
"url": "https://bugzilla.suse.com/1122662"
},
{
"category": "self",
"summary": "SUSE Bug 1122779",
"url": "https://bugzilla.suse.com/1122779"
},
{
"category": "self",
"summary": "SUSE Bug 1122885",
"url": "https://bugzilla.suse.com/1122885"
},
{
"category": "self",
"summary": "SUSE Bug 1122927",
"url": "https://bugzilla.suse.com/1122927"
},
{
"category": "self",
"summary": "SUSE Bug 1122944",
"url": "https://bugzilla.suse.com/1122944"
},
{
"category": "self",
"summary": "SUSE Bug 1122971",
"url": "https://bugzilla.suse.com/1122971"
},
{
"category": "self",
"summary": "SUSE Bug 1123061",
"url": "https://bugzilla.suse.com/1123061"
},
{
"category": "self",
"summary": "SUSE Bug 1123317",
"url": "https://bugzilla.suse.com/1123317"
},
{
"category": "self",
"summary": "SUSE Bug 1123348",
"url": "https://bugzilla.suse.com/1123348"
},
{
"category": "self",
"summary": "SUSE Bug 1123357",
"url": "https://bugzilla.suse.com/1123357"
},
{
"category": "self",
"summary": "SUSE Bug 1123538",
"url": "https://bugzilla.suse.com/1123538"
},
{
"category": "self",
"summary": "SUSE Bug 1123697",
"url": "https://bugzilla.suse.com/1123697"
},
{
"category": "self",
"summary": "SUSE Bug 1123933",
"url": "https://bugzilla.suse.com/1123933"
},
{
"category": "self",
"summary": "SUSE Bug 1124204",
"url": "https://bugzilla.suse.com/1124204"
},
{
"category": "self",
"summary": "SUSE Bug 1124579",
"url": "https://bugzilla.suse.com/1124579"
},
{
"category": "self",
"summary": "SUSE Bug 1124589",
"url": "https://bugzilla.suse.com/1124589"
},
{
"category": "self",
"summary": "SUSE Bug 1124728",
"url": "https://bugzilla.suse.com/1124728"
},
{
"category": "self",
"summary": "SUSE Bug 1124732",
"url": "https://bugzilla.suse.com/1124732"
},
{
"category": "self",
"summary": "SUSE Bug 1124735",
"url": "https://bugzilla.suse.com/1124735"
},
{
"category": "self",
"summary": "SUSE Bug 1124969",
"url": "https://bugzilla.suse.com/1124969"
},
{
"category": "self",
"summary": "SUSE Bug 1124985",
"url": "https://bugzilla.suse.com/1124985"
},
{
"category": "self",
"summary": "SUSE Bug 1125109",
"url": "https://bugzilla.suse.com/1125109"
},
{
"category": "self",
"summary": "SUSE Bug 802154",
"url": "https://bugzilla.suse.com/802154"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-20669 page",
"url": "https://www.suse.com/security/cve/CVE-2018-20669/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3459 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3459/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-3460 page",
"url": "https://www.suse.com/security/cve/CVE-2019-3460/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-6974 page",
"url": "https://www.suse.com/security/cve/CVE-2019-6974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-7221 page",
"url": "https://www.suse.com/security/cve/CVE-2019-7221/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-7222 page",
"url": "https://www.suse.com/security/cve/CVE-2019-7222/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2019-03-23T11:04:58Z",
"generator": {
"date": "2019-03-23T11:04:58Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2019:0203-1",
"initial_release_date": "2019-03-23T11:04:58Z",
"revision_history": [
{
"date": "2019-03-23T11:04:58Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.12.14-lp150.12.48.1.noarch",
"product": {
"name": "kernel-devel-4.12.14-lp150.12.48.1.noarch",
"product_id": "kernel-devel-4.12.14-lp150.12.48.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.12.14-lp150.12.48.1.noarch",
"product": {
"name": "kernel-docs-4.12.14-lp150.12.48.1.noarch",
"product_id": "kernel-docs-4.12.14-lp150.12.48.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-4.12.14-lp150.12.48.1.noarch",
"product": {
"name": "kernel-docs-html-4.12.14-lp150.12.48.1.noarch",
"product_id": "kernel-docs-html-4.12.14-lp150.12.48.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.12.14-lp150.12.48.1.noarch",
"product": {
"name": "kernel-macros-4.12.14-lp150.12.48.1.noarch",
"product_id": "kernel-macros-4.12.14-lp150.12.48.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.12.14-lp150.12.48.1.noarch",
"product": {
"name": "kernel-source-4.12.14-lp150.12.48.1.noarch",
"product_id": "kernel-source-4.12.14-lp150.12.48.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch",
"product": {
"name": "kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch",
"product_id": "kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-debug-4.12.14-lp150.12.48.1.x86_64",
"product": {
"name": "kernel-debug-4.12.14-lp150.12.48.1.x86_64",
"product_id": "kernel-debug-4.12.14-lp150.12.48.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-lp150.12.48.1.x86_64",
"product": {
"name": "kernel-debug-base-4.12.14-lp150.12.48.1.x86_64",
"product_id": "kernel-debug-base-4.12.14-lp150.12.48.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64",
"product": {
"name": "kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64",
"product_id": "kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-lp150.12.48.1.x86_64",
"product": {
"name": "kernel-default-4.12.14-lp150.12.48.1.x86_64",
"product_id": "kernel-default-4.12.14-lp150.12.48.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-lp150.12.48.1.x86_64",
"product": {
"name": "kernel-default-base-4.12.14-lp150.12.48.1.x86_64",
"product_id": "kernel-default-base-4.12.14-lp150.12.48.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-lp150.12.48.1.x86_64",
"product": {
"name": "kernel-default-devel-4.12.14-lp150.12.48.1.x86_64",
"product_id": "kernel-default-devel-4.12.14-lp150.12.48.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64",
"product": {
"name": "kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64",
"product_id": "kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64",
"product": {
"name": "kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64",
"product_id": "kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64",
"product_id": "kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-lp150.12.48.1.x86_64",
"product": {
"name": "kernel-obs-build-4.12.14-lp150.12.48.1.x86_64",
"product_id": "kernel-obs-build-4.12.14-lp150.12.48.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64",
"product": {
"name": "kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64",
"product_id": "kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-lp150.12.48.1.x86_64",
"product": {
"name": "kernel-syms-4.12.14-lp150.12.48.1.x86_64",
"product_id": "kernel-syms-4.12.14-lp150.12.48.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-lp150.12.48.1.x86_64",
"product": {
"name": "kernel-vanilla-4.12.14-lp150.12.48.1.x86_64",
"product_id": "kernel-vanilla-4.12.14-lp150.12.48.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64",
"product": {
"name": "kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64",
"product_id": "kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64",
"product_id": "kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.0",
"product": {
"name": "openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-4.12.14-lp150.12.48.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.48.1.x86_64"
},
"product_reference": "kernel-debug-4.12.14-lp150.12.48.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-base-4.12.14-lp150.12.48.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.48.1.x86_64"
},
"product_reference": "kernel-debug-base-4.12.14-lp150.12.48.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64"
},
"product_reference": "kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-lp150.12.48.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.48.1.x86_64"
},
"product_reference": "kernel-default-4.12.14-lp150.12.48.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-lp150.12.48.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.48.1.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-lp150.12.48.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-lp150.12.48.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.48.1.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-lp150.12.48.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-lp150.12.48.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.48.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-lp150.12.48.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-4.12.14-lp150.12.48.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.48.1.noarch"
},
"product_reference": "kernel-docs-4.12.14-lp150.12.48.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-html-4.12.14-lp150.12.48.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.48.1.noarch"
},
"product_reference": "kernel-docs-html-4.12.14-lp150.12.48.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64"
},
"product_reference": "kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64"
},
"product_reference": "kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64"
},
"product_reference": "kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-lp150.12.48.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.48.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-lp150.12.48.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-lp150.12.48.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.48.1.x86_64"
},
"product_reference": "kernel-obs-build-4.12.14-lp150.12.48.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64"
},
"product_reference": "kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-lp150.12.48.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.48.1.noarch"
},
"product_reference": "kernel-source-4.12.14-lp150.12.48.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch"
},
"product_reference": "kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-lp150.12.48.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.48.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-lp150.12.48.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-4.12.14-lp150.12.48.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.48.1.x86_64"
},
"product_reference": "kernel-vanilla-4.12.14-lp150.12.48.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64"
},
"product_reference": "kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64 as component of openSUSE Leap 15.0",
"product_id": "openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64"
},
"product_reference": "kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-20669",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-20669"
}
],
"notes": [
{
"category": "general",
"text": "An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-20669",
"url": "https://www.suse.com/security/cve/CVE-2018-20669"
},
{
"category": "external",
"summary": "SUSE Bug 1122971 for CVE-2018-20669",
"url": "https://bugzilla.suse.com/1122971"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T11:04:58Z",
"details": "important"
}
],
"title": "CVE-2018-20669"
},
{
"cve": "CVE-2019-3459",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3459"
}
],
"notes": [
{
"category": "general",
"text": "A heap address information leak while using L2CAP_GET_CONF_OPT was discovered in the Linux kernel before 5.1-rc1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3459",
"url": "https://www.suse.com/security/cve/CVE-2019-3459"
},
{
"category": "external",
"summary": "SUSE Bug 1120758 for CVE-2019-3459",
"url": "https://bugzilla.suse.com/1120758"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T11:04:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-3459"
},
{
"cve": "CVE-2019-3460",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-3460"
}
],
"notes": [
{
"category": "general",
"text": "A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-3460",
"url": "https://www.suse.com/security/cve/CVE-2019-3460"
},
{
"category": "external",
"summary": "SUSE Bug 1120758 for CVE-2019-3460",
"url": "https://bugzilla.suse.com/1120758"
},
{
"category": "external",
"summary": "SUSE Bug 1155131 for CVE-2019-3460",
"url": "https://bugzilla.suse.com/1155131"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.6,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T11:04:58Z",
"details": "moderate"
}
],
"title": "CVE-2019-3460"
},
{
"cve": "CVE-2019-6974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-6974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-6974",
"url": "https://www.suse.com/security/cve/CVE-2019-6974"
},
{
"category": "external",
"summary": "SUSE Bug 1124728 for CVE-2019-6974",
"url": "https://bugzilla.suse.com/1124728"
},
{
"category": "external",
"summary": "SUSE Bug 1124729 for CVE-2019-6974",
"url": "https://bugzilla.suse.com/1124729"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T11:04:58Z",
"details": "important"
}
],
"title": "CVE-2019-6974"
},
{
"cve": "CVE-2019-7221",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-7221"
}
],
"notes": [
{
"category": "general",
"text": "The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-7221",
"url": "https://www.suse.com/security/cve/CVE-2019-7221"
},
{
"category": "external",
"summary": "SUSE Bug 1124732 for CVE-2019-7221",
"url": "https://bugzilla.suse.com/1124732"
},
{
"category": "external",
"summary": "SUSE Bug 1124734 for CVE-2019-7221",
"url": "https://bugzilla.suse.com/1124734"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T11:04:58Z",
"details": "important"
}
],
"title": "CVE-2019-7221"
},
{
"cve": "CVE-2019-7222",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-7222"
}
],
"notes": [
{
"category": "general",
"text": "The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-7222",
"url": "https://www.suse.com/security/cve/CVE-2019-7222"
},
{
"category": "external",
"summary": "SUSE Bug 1124735 for CVE-2019-7222",
"url": "https://bugzilla.suse.com/1124735"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.8,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.0:kernel-debug-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-debug-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-default-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-devel-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-docs-html-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-kvmsmall-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-kvmsmall-devel-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-macros-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-obs-build-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-obs-qa-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-source-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-source-vanilla-4.12.14-lp150.12.48.1.noarch",
"openSUSE Leap 15.0:kernel-syms-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-base-4.12.14-lp150.12.48.1.x86_64",
"openSUSE Leap 15.0:kernel-vanilla-devel-4.12.14-lp150.12.48.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2019-03-23T11:04:58Z",
"details": "low"
}
],
"title": "CVE-2019-7222"
}
]
}
OPENSUSE-SU-2020:2193-1
Vulnerability from csaf_opensuse - Published: 2020-12-07 11:06 - Updated: 2020-12-07 11:06Summary
Security update for the Linux Kernel
Severity
Important
Notes
Title of the patch: Security update for the Linux Kernel
Description of the patch:
The openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2020-29371: An issue was discovered in romfs_dev_read in fs/romfs/storage.c where uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd (bnc#1179429).
- CVE-2020-15436: Use-after-free vulnerability in fs/block_dev.c allowed local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field (bnc#1179141).
- CVE-2020-4788: IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296 (bnc#1177666).
- CVE-2018-20669: An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c, where a local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation (bnc#1122971).
- CVE-2020-15437: The Linux kernel was vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allowed local users to cause a denial of service by using the p->serial_in pointer which uninitialized (bnc#1179140).
- CVE-2020-27777: Restrict RTAS requests from userspace (CVE-2020-27777 bsc#1179107).
- CVE-2020-28974: A slab-out-of-bounds read in fbcon could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can be used for manipulations such as font height (bnc#1178589).
The following non-security bugs were fixed:
- ACPI: GED: fix -Wformat (git-fixes).
- ALSA: ctl: fix error path at adding user-defined element set (git-fixes).
- ALSA: firewire: Clean up a locking issue in copy_resp_to_buf() (git-fixes).
- ALSA: mixart: Fix mutex deadlock (git-fixes).
- ASoC: qcom: lpass-platform: Fix memory leak (git-fixes).
- Bluetooth: btusb: Fix and detect most of the Chinese Bluetooth controllers (git-fixes).
- Bluetooth: hci_bcm: fix freeing not-requested IRQ (git-fixes).
- Convert trailing spaces and periods in path components (bsc#1179424).
- Drivers: hv: vmbus: Remove the unused 'tsc_page' from struct hv_context (git-fixes).
- IB/cma: Fix ports memory leak in cma_configfs (bsc#1111666)
- IB/core: Set qp->real_qp before it may be accessed (bsc#1111666)
- IB/hfi1, qib: Ensure RCU is locked when accessing list (bsc#1111666)
- IB/hfi1: Add RcvShortLengthErrCnt to hfi1stats (bsc#1111666)
- IB/hfi1: Add missing INVALIDATE opcodes for trace (bsc#1111666)
- IB/hfi1: Add software counter for ctxt0 seq drop (bsc#1111666)
- IB/hfi1: Avoid hardlockup with flushlist_lock (bsc#1111666)
- IB/hfi1: Call kobject_put() when kobject_init_and_add() fails (bsc#1111666)
- IB/hfi1: Check for error on call to alloc_rsm_map_table (bsc#1111666)
- IB/hfi1: Close PSM sdma_progress sleep window (bsc#1111666)
- IB/hfi1: Define variables as unsigned long to fix KASAN warning (bsc#1111666)
- IB/hfi1: Ensure full Gen3 speed in a Gen4 system (bsc#1111666)
- IB/hfi1: Fix Spectre v1 vulnerability (bsc#1111666)
- IB/hfi1: Fix memory leaks in sysfs registration and unregistration (bsc#1111666)
- IB/hfi1: Handle port down properly in pio (bsc#1111666)
- IB/hfi1: Handle wakeup of orphaned QPs for pio (bsc#1111666)
- IB/hfi1: Insure freeze_work work_struct is canceled on shutdown (bsc#1111666)
- IB/hfi1: Remove unused define (bsc#1111666)
- IB/hfi1: Silence txreq allocation warnings (bsc#1111666)
- IB/hfi1: Validate page aligned for a given virtual address (bsc#1111666)
- IB/hfi1: Wakeup QPs orphaned on wait list after flush (bsc#1111666)
- IB/ipoib: Fix double free of skb in case of multicast traffic in CM mode (bsc#1111666)
- IB/ipoib: Fix for use-after-free in ipoib_cm_tx_start (bsc#1111666)
- IB/ipoib: drop useless LIST_HEAD (bsc#1111666)
- IB/iser: Fix dma_nents type definition (bsc#1111666)
- IB/iser: Pass the correct number of entries for dma mapped SGL (bsc#1111666)
- IB/mad: Fix use-after-free in ib mad completion handling (bsc#1111666)
- IB/mlx4: Add and improve logging (bsc#1111666)
- IB/mlx4: Add support for MRA (bsc#1111666)
- IB/mlx4: Adjust delayed work when a dup is observed (bsc#1111666)
- IB/mlx4: Fix leak in id_map_find_del (bsc#1111666)
- IB/mlx4: Fix memory leak in add_gid error flow (bsc#1111666)
- IB/mlx4: Fix race condition between catas error reset and aliasguid flows (bsc#1111666)
- IB/mlx4: Fix starvation in paravirt mux/demux (bsc#1111666)
- IB/mlx4: Follow mirror sequence of device add during device removal (bsc#1111666)
- IB/mlx4: Remove unneeded NULL check (bsc#1111666)
- IB/mlx4: Test return value of calls to ib_get_cached_pkey (bsc#1111666)
- IB/mlx5: Add missing XRC options to QP optional params mask (bsc#1111666)
- IB/mlx5: Compare only index part of a memory window rkey (bsc#1111666)
- IB/mlx5: Do not override existing ip_protocol (bsc#1111666)
- IB/mlx5: Fix RSS Toeplitz setup to be aligned with the HW specification (bsc#1111666)
- IB/mlx5: Fix clean_mr() to work in the expected order (bsc#1111666)
- IB/mlx5: Fix implicit MR release flow (bsc#1111666)
- IB/mlx5: Fix outstanding_pi index for GSI qps (bsc#1111666)
- IB/mlx5: Fix unreg_umr to ignore the mkey state (bsc#1111666)
- IB/mlx5: Improve ODP debugging messages (bsc#1111666)
- IB/mlx5: Move MRs to a kernel PD when freeing them to the MR cache (bsc#1111666)
- IB/mlx5: Prevent concurrent MR updates during invalidation (bsc#1111666)
- IB/mlx5: Reset access mask when looping inside page fault handler (bsc#1111666)
- IB/mlx5: Set correct write permissions for implicit ODP MR (bsc#1111666)
- IB/mlx5: Use direct mkey destroy command upon UMR unreg failure (bsc#1111666)
- IB/mlx5: Use fragmented QP's buffer for in-kernel users (bsc#1111666)
- IB/mlx5: WQE dump jumps over first 16 bytes (bsc#1111666)
- IB/mthca: fix return value of error branch in mthca_init_cq() (bsc#1111666)
- IB/qib: Call kobject_put() when kobject_init_and_add() fails (bsc#1111666)
- IB/qib: Fix an error code in qib_sdma_verbs_send() (bsc#1111666)
- IB/qib: Remove a set-but-not-used variable (bsc#1111666)
- IB/rdmavt: Convert timers to use timer_setup() (bsc#1111666)
- IB/rdmavt: Fix alloc_qpn() WARN_ON() (bsc#1111666)
- IB/rdmavt: Fix sizeof mismatch (bsc#1111666)
- IB/rdmavt: Reset all QPs when the device is shut down (bsc#1111666)
- IB/rxe: Fix incorrect cache cleanup in error flow (bsc#1111666)
- IB/rxe: Make counters thread safe (bsc#1111666)
- IB/srpt: Fix memory leak in srpt_add_one (bsc#1111666)
- IB/umad: Avoid additional device reference during open()/close() (bsc#1111666)
- IB/umad: Avoid destroying device while it is accessed (bsc#1111666)
- IB/umad: Do not check status of nonseekable_open() (bsc#1111666)
- IB/umad: Fix kernel crash while unloading ib_umad (bsc#1111666)
- IB/umad: Refactor code to use cdev_device_add() (bsc#1111666)
- IB/umad: Simplify and avoid dynamic allocation of class (bsc#1111666)
- IB/usnic: Fix out of bounds index check in query pkey (bsc#1111666)
- IB/uverbs: Fix OOPs upon device disassociation (bsc#1111666)
- IB/{hfi1, qib}: Fix WC.byte_len calculation for UD_SEND_WITH_IMM (bsc#1111666)
- IB/{qib, hfi1, rdmavt}: Correct ibv_devinfo max_mr value (bsc#1111666)
- KVM host: kabi fixes for psci_version (bsc#1174726).
- KVM: arm64: Add missing #include of <linux/string.h> in guest.c (bsc#1174726).
- KVM: arm64: Factor out core register ID enumeration (bsc#1174726).
- KVM: arm64: Filter out invalid core register IDs in KVM_GET_REG_LIST (bsc#1174726).
- KVM: arm64: Refactor kvm_arm_num_regs() for easier maintenance (bsc#1174726).
- KVM: arm64: Reject ioctl access to FPSIMD V-regs on SVE vcpus (bsc#1174726).
- NFS: mark nfsiod as CPU_INTENSIVE (bsc#1177304).
- NFS: only invalidate dentrys that are clearly invalid (bsc#1178669 bsc#1170139).
- PCI: pci-hyperv: Fix build errors on non-SYSFS config (git-fixes).
- RDMA/bnxt_re: Fix Send Work Entry state check while polling completions (bsc#1111666)
- RDMA/bnxt_re: Fix lifetimes in bnxt_re_task (bsc#1111666)
- RDMA/bnxt_re: Fix sizeof mismatch for allocation of pbl_tbl. (bsc#1111666)
- RDMA/bnxt_re: Fix stack-out-of-bounds in bnxt_qplib_rcfw_send_message (bsc#1111666)
- RDMA/cm: Add missing locking around id.state in cm_dup_req_handler (bsc#1111666)
- RDMA/cm: Fix checking for allowed duplicate listens (bsc#1111666)
- RDMA/cm: Remove a race freeing timewait_info (bsc#1111666)
- RDMA/cm: Update num_paths in cma_resolve_iboe_route error flow (bsc#1111666)
- RDMA/cma: Fix false error message (bsc#1111666)
- RDMA/cma: Protect bind_list and listen_list while finding matching cm id (bsc#1111666)
- RDMA/cma: add missed unregister_pernet_subsys in init failure (bsc#1111666)
- RDMA/cma: fix null-ptr-deref Read in cma_cleanup (bsc#1111666)
- RDMA/core: Do not depend device ODP capabilities on kconfig option (bsc#1111666)
- RDMA/core: Fix invalid memory access in spec_filter_size (bsc#1111666)
- RDMA/core: Fix locking in ib_uverbs_event_read (bsc#1111666)
- RDMA/core: Fix protection fault in ib_mr_pool_destroy (bsc#1111666)
- RDMA/core: Fix race between destroy and release FD object (bsc#1111666)
- RDMA/core: Fix race when resolving IP address (bsc#1111666)
- RDMA/core: Prevent mixed use of FDs between shared ufiles (bsc#1111666)
- RDMA/cxgb3: Delete and properly mark unimplemented resize CQ function (bsc#1111666)
- RDMA/hns: Correct the value of HNS_ROCE_HEM_CHUNK_LEN (bsc#1111666)
- RDMA/hns: Correct typo of hns_roce_create_cq() (bsc#1111666)
- RDMA/hns: Remove unsupported modify_port callback (bsc#1111666)
- RDMA/hns: Set the unsupported wr opcode (bsc#1111666)
- RDMA/i40iw: Set queue pair state when being queried (bsc#1111666)
- RDMA/i40iw: fix a potential NULL pointer dereference (bsc#1111666)
- RDMA/ipoib: Fix ABBA deadlock with ipoib_reap_ah() (bsc#1111666)
- RDMA/ipoib: Remove check for ETH_SS_TEST (bsc#1111666)
- RDMA/ipoib: Return void from ipoib_ib_dev_stop() (bsc#1111666)
- RDMA/ipoib: Set rtnl_link_ops for ipoib interfaces (bsc#1111666)
- RDMA/iw_cxgb4: Avoid freeing skb twice in arp failure case (bsc#1111666)
- RDMA/iw_cxgb4: Fix the unchecked ep dereference (bsc#1111666)
- RDMA/iwcm: Fix a lock inversion issue (bsc#1111666)
- RDMA/iwcm: Fix iwcm work deallocation (bsc#1111666)
- RDMA/iwcm: move iw_rem_ref() calls out of spinlock (bsc#1111666)
- RDMA/mad: Fix possible memory leak in ib_mad_post_receive_mads() (bsc#1111666)
- RDMA/mlx4: Initialize ib_spec on the stack (bsc#1111666)
- RDMA/mlx4: Read pkey table length instead of hardcoded value (bsc#1111666)
- RDMA/mlx5: Clear old rate limit when closing QP (bsc#1111666)
- RDMA/mlx5: Delete unreachable handle_atomic code by simplifying SW completion (bsc#1111666)
- RDMA/mlx5: Fix a race with mlx5_ib_update_xlt on an implicit MR (bsc#1111666)
- RDMA/mlx5: Fix access to wrong pointer while performing flush due to error (bsc#1111666)
- RDMA/mlx5: Fix function name typo 'fileds' -> 'fields' (bsc#1111666)
- RDMA/mlx5: Return proper error value (bsc#1111666)
- RDMA/mlx5: Set GRH fields in query QP on RoCE (bsc#1111666)
- RDMA/mlx5: Verify that QP is created with RQ or SQ (bsc#1111666)
- RDMA/nes: Remove second wait queue initialization call (bsc#1111666)
- RDMA/netlink: Do not always generate an ACK for some netlink operations (bsc#1111666)
- RDMA/ocrdma: Fix out of bounds index check in query pkey (bsc#1111666)
- RDMA/ocrdma: Remove unsupported modify_port callback (bsc#1111666)
- RDMA/pvrdma: Fix missing pci disable in pvrdma_pci_probe() (bsc#1111666)
- RDMA/qedr: Endianness warnings cleanup (bsc#1111666)
- RDMA/qedr: Fix KASAN: use-after-free in ucma_event_handler+0x532 (bsc#1050545).
- RDMA/qedr: Fix doorbell setting (bsc#1111666)
- RDMA/qedr: Fix memory leak in iWARP CM (bsc#1050545 ).
- RDMA/qedr: Fix memory leak in user qp and mr (bsc#1111666)
- RDMA/qedr: Fix reported firmware version (bsc#1111666)
- RDMA/qedr: Fix use of uninitialized field (bsc#1111666)
- RDMA/qedr: Remove unsupported modify_port callback (bsc#1111666)
- RDMA/qedr: SRQ's bug fixes (bsc#1111666)
- RDMA/qib: Delete extra line (bsc#1111666)
- RDMA/qib: Remove all occurrences of BUG_ON() (bsc#1111666)
- RDMA/qib: Validate ->show()/store() callbacks before calling them (bsc#1111666)
- RDMA/rxe: Drop pointless checks in rxe_init_ports (bsc#1111666)
- RDMA/rxe: Fill in wc byte_len with IB_WC_RECV_RDMA_WITH_IMM (bsc#1111666)
- RDMA/rxe: Fix configuration of atomic queue pair attributes (bsc#1111666)
- RDMA/rxe: Fix memleak in rxe_mem_init_user (bsc#1111666)
- RDMA/rxe: Fix slab-out-bounds access which lead to kernel crash later (bsc#1111666)
- RDMA/rxe: Fix soft lockup problem due to using tasklets in softirq (bsc#1111666)
- RDMA/rxe: Fix the parent sysfs read when the interface has 15 chars (bsc#1111666)
- RDMA/rxe: Prevent access to wr->next ptr afrer wr is posted to send queue (bsc#1111666)
- RDMA/rxe: Remove unused rxe_mem_map_pages (bsc#1111666)
- RDMA/rxe: Remove useless rxe_init_device_param assignments (bsc#1111666)
- RDMA/rxe: Return void from rxe_init_port_param() (bsc#1111666)
- RDMA/rxe: Return void from rxe_mem_init_dma() (bsc#1111666)
- RDMA/rxe: Set default vendor ID (bsc#1111666)
- RDMA/rxe: Set sys_image_guid to be aligned with HW IB devices (bsc#1111666)
- RDMA/rxe: Skip dgid check in loopback mode (bsc#1111666)
- RDMA/rxe: Use for_each_sg_page iterator on umem SGL (bsc#1111666)
- RDMA/srp: Rework SCSI device reset handling (bsc#1111666)
- RDMA/srpt: Fix typo in srpt_unregister_mad_agent docstring (bsc#1111666)
- RDMA/srpt: Report the SCSI residual to the initiator (bsc#1111666)
- RDMA/ucma: Add missing locking around rdma_leave_multicast() (bsc#1111666)
- RDMA/ucma: Put a lock around every call to the rdma_cm layer (bsc#1111666)
- RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated (bsc#1111666)
- RDMA/vmw_pvrdma: Fix memory leak on pvrdma_pci_remove (bsc#1111666)
- RDMA/vmw_pvrdma: Use atomic memory allocation in create AH (bsc#1111666)
- RDMA: Directly cast the sockaddr union to sockaddr (bsc#1111666)
- RMDA/cm: Fix missing ib_cm_destroy_id() in ib_cm_insert_listen() (bsc#1111666)
- Revert 'kernel/reboot.c: convert simple_strtoul to kstrtoint' (bsc#1179418).
- SUNRPC: fix copying of multiple pages in gss_read_proxy_verf() (bsc#1103992).
- Staging: rtl8188eu: rtw_mlme: Fix uninitialized variable authmode (git-fixes).
- USB: core: Fix regression in Hercules audio card (git-fixes).
- Update references in patches.suse/net-smc-tolerate-future-smcd-versions (bsc#1172542 LTC#186070 git-fixes).
- arm/arm64: KVM: Add PSCI version selection API (bsc#1174726).
- arm64: KVM: Fix system register enumeration (bsc#1174726).
- ath10k: Acquire tx_lock in tx error paths (git-fixes).
- batman-adv: set .owner to THIS_MODULE (git-fixes).
- bnxt_en: Fix race when modifying pause settings (bsc#1050242 ).
- bnxt_en: Protect bnxt_set_eee() and bnxt_set_pauseparam() with mutex (bsc#1050242).
- btrfs: account ticket size at add/delete time (bsc#1178897).
- btrfs: add helper to obtain number of devices with ongoing dev-replace (bsc#1178897).
- btrfs: check rw_devices, not num_devices for balance (bsc#1178897).
- btrfs: do not delete mismatched root refs (bsc#1178962).
- btrfs: fix btrfs_calc_reclaim_metadata_size calculation (bsc#1178897).
- btrfs: fix force usage in inc_block_group_ro (bsc#1178897).
- btrfs: fix invalid removal of root ref (bsc#1178962).
- btrfs: fix reclaim counter leak of space_info objects (bsc#1178897).
- btrfs: fix reclaim_size counter leak after stealing from global reserve (bsc#1178897).
- btrfs: kill min_allocable_bytes in inc_block_group_ro (bsc#1178897).
- btrfs: rework arguments of btrfs_unlink_subvol (bsc#1178962).
- btrfs: split dev-replace locking helpers for read and write (bsc#1178897). Needed as a prep patch for further improvements around btrfs.
- can: gs_usb: fix endianess problem with candleLight firmware (git-fixes).
- can: m_can: fix nominal bitiming tseg2 min for version >= 3.1 (git-fixes).
- ceph: add check_session_state() helper and make it global (bsc#1179259).
- ceph: check session state after bumping session->s_seq (bsc#1179259).
- ceph: fix race in concurrent __ceph_remove_cap invocations (bsc#1178635).
- cifs: Fix incomplete memory allocation on setxattr path (bsc#1179211).
- cifs: Return the error from crypt_message when enc/dec key not found (bsc#1179426).
- cifs: remove bogus debug code (bsc#1179427).
- cxgb4: Fix offset when clearing filter byte counters (bsc#1064802 bsc#1066129).
- docs: ABI: stable: remove a duplicated documentation (git-fixes).
- drm/i915/gvt: Set ENHANCED_FRAME_CAP bit (git-fixes).
- drm/sun4i: dw-hdmi: fix error return code in sun8i_dw_hdmi_bind() (git-fixes).
- efi/efivars: Add missing kobject_put() in sysfs entry creation error path (git-fixes).
- efi/esrt: Fix reference count leak in esre_create_sysfs_entry (git-fixes).
- efi/x86: Do not panic or BUG() on non-critical error conditions (git-fixes).
- efi/x86: Free efi_pgd with free_pages() (bsc#1112178).
- efi/x86: Ignore the memory attributes table on i386 (git-fixes).
- efi/x86: Map the entire EFI vendor string before copying it (git-fixes).
- efi: cper: Fix possible out-of-bounds access (git-fixes).
- efi: provide empty efi_enter_virtual_mode implementation (git-fixes).
- efivarfs: fix memory leak in efivarfs_create() (git-fixes).
- efivarfs: revert 'fix memory leak in efivarfs_create()' (git-fixes).
- fuse: fix page dereference after free (bsc#1179213).
- hv_balloon: disable warning when floor reached (git-fixes).
- i40iw: Fix error handling in i40iw_manage_arp_cache() (bsc#1111666)
- i40iw: Report correct firmware version (bsc#1111666)
- i40iw: fix null pointer dereference on a null wqe pointer (bsc#1111666)
- igc: Fix returning wrong statistics (bsc#1118657).
- iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for setting tablet-mode (git-fixes).
- iio: accel: kxcjk1013: Replace is_smo8500_device with an acpi_type enum (git-fixes).
- iw_cxgb4: fix ECN check on the passive accept (bsc#1111666)
- iw_cxgb4: only reconnect with MPAv1 if the peer aborts (bsc#1111666)
- kABI workaround for usermodehelper changes (bsc#1179406).
- kABI: add back flush_dcache_range (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- libnvdimm/nvdimm/flush: Allow architecture to override the flush barrier (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- mac80211: always wind down STA state (git-fixes).
- mac80211: free sta in sta_info_insert_finish() on errors (git-fixes).
- mlxsw: core: Fix memory leak on module removal (bsc#1112374).
- mm: always have io_remap_pfn_range() set pgprot_decrypted() (bsc#1112178).
- net/tls: Fix kmap usage (bsc#1109837).
- net/tls: missing received data after fast remote close (bsc#1109837).
- net: DCB: Validate DCB_ATTR_DCB_BUFFER argument (bsc#1103990 ).
- net: ena: fix packet's addresses for rx_offset feature (bsc#1174852).
- net: ena: handle bad request id in ena_netdev (git-fixes).
- net: qed: fix 'maybe uninitialized' warning (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- net: qed: fix async event callbacks unregistering (bsc#1104393 bsc#1104389).
- net: qede: fix PTP initialization on recovery (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- net: qede: fix use-after-free on recovery and AER handling (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- net: thunderx: use spin_lock_bh in nicvf_set_rx_mode_task() (bsc#1110096).
- net_sched: fix a memory leak in atm_tc_init() (bsc#1056657 bsc#1056653 bsc#1056787).
- nfc: s3fwrn5: use signed integer for parsing GPIO numbers (git-fixes).
- nfp: use correct define to return NONE fec (bsc#1109837).
- pinctrl: amd: fix incorrect way to disable debounce filter (git-fixes).
- pinctrl: amd: use higher precision for 512 RtcClk (git-fixes).
- pinctrl: aspeed: Fix GPI only function problem (git-fixes).
- platform/x86: toshiba_acpi: Fix the wrong variable assignment (git-fixes).
- powerpc/32: define helpers to get L1 cache sizes (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/64: flush_inval_dcache_range() becomes flush_dcache_range() (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/64: reuse PPC32 static inline flush_dcache_range() (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/mm: Flush cache on memory hot(un)plug (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/pmem: Add flush routines using new pmem store and sync instruction (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/pmem: Add new instructions for persistent storage and sync (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/pmem: Avoid the barrier in flush routines (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/pmem: Fix kernel crash due to wrong range value usage in flush_dcache_range (jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/pmem: Initialize pmem device on newer hardware (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/pmem: Restrict papr_scm to P8 and above (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc/pmem: Update ppc64 to use the new barrier instruction (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- powerpc: Chunk calls to flush_dcache_range in arch_*_memory (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964 git-fixes).
- powerpc: define helpers to get L1 icache sizes (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).
- qed: fix error return code in qed_iwarp_ll2_start() (bsc#1050536 bsc#1050545).
- qed: suppress 'do not support RoCE & iWARP' flooding on HW init (bsc#1050536 bsc#1050545).
- qed: suppress false-positives interrupt error messages on HW init (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).
- reboot: fix overflow parsing reboot cpu number (bsc#1179421).
- rxe: correctly calculate iCRC for unaligned payloads (bsc#1111666)
- rxe: fix error completion wr_id and qp_num (bsc#1111666)
- s390/cio: add cond_resched() in the slow_eval_known_fn() loop (bsc#1177805 LTC#188737).
- s390/cpum_cf,perf: change DFLT_CCERROR counter name (bsc#1175916 LTC#187937).
- s390/dasd: Fix zero write for FBA devices (bsc#1177808 LTC#188739).
- s390: kernel/uv: handle length extension properly (bsc#1178940 LTC#189323).
- sched/core: Fix PI boosting between RT and DEADLINE tasks (bsc#1112178).
- sched/x86: SaveFLAGS on context switch (bsc#1112178).
- scripts/git_sort/git_sort.py: add ceph maintainers git tree
- scsi: RDMA/srpt: Fix a credit leak for aborted commands (bsc#1111666)
- staging: rtl8723bs: Add 024c:0627 to the list of SDIO device-ids (git-fixes).
- svcrdma: Fix page leak in svc_rdma_recv_read_chunk() (bsc#1103992).
- svcrdma: fix bounce buffers for unaligned offsets and multiple pages (bsc#1103992).
- tcp: Set INET_ECN_xmit configuration in tcp_reinit_congestion_control (bsc#1109837).
- tracing: Fix out of bounds write in get_trace_buf (bsc#1179403).
- tty: serial: imx: keep console clocks always on (git-fixes).
- usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode (git-fixes).
- usb: gadget: Fix memleak in gadgetfs_fill_super (git-fixes).
- usb: gadget: f_midi: Fix memleak in f_midi_alloc (git-fixes).
- usb: host: xhci-mtk: avoid runtime suspend when removing hcd (git-fixes).
- usermodehelper: reset umask to default before executing user process (bsc#1179406).
- video: hyperv_fb: Fix the cache type when mapping the VRAM (git-fixes).
- x86/PCI: Avoid AMD FCH XHCI USB PME# from D0 defect (git-fixes).
- x86/PCI: Fix intel_mid_pci.c build error when ACPI is not enabled (git-fixes).
- x86/PCI: Mark Intel C620 MROMs as having non-compliant BARs (git-fixes).
- x86/hyperv: Clarify comment on x2apic mode (git-fixes).
- x86/hyperv: Make vapic support x2apic mode (git-fixes).
- x86/microcode/intel: Check patch signature before saving microcode for early loading (bsc#1112178).
- x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP (bsc#1112178).
- x86/sysfb_efi: Add quirks for some devices with swapped width and height (git-fixes).
- xfrm: Fix memleak on xfrm state destroy (bsc#1158775).
- xfs: revert 'xfs: fix rmap key and record comparison functions' (git-fixes).
Patchnames: openSUSE-2020-2193
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.87.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.4 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.87.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.5 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.87.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.4 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.87.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.1 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.87.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
4 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.87.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
low
5.1 (Medium)
Affected products
Recommended
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.87.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
81 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe openSUSE Leap 15.2 kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2020-29371: An issue was discovered in romfs_dev_read in fs/romfs/storage.c where uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd (bnc#1179429).\n- CVE-2020-15436: Use-after-free vulnerability in fs/block_dev.c allowed local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field (bnc#1179141).\n- CVE-2020-4788: IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296 (bnc#1177666).\n- CVE-2018-20669: An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c, where a local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation (bnc#1122971).\n- CVE-2020-15437: The Linux kernel was vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allowed local users to cause a denial of service by using the p-\u003eserial_in pointer which uninitialized (bnc#1179140).\n- CVE-2020-27777: Restrict RTAS requests from userspace (CVE-2020-27777 bsc#1179107).\n- CVE-2020-28974: A slab-out-of-bounds read in fbcon could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can be used for manipulations such as font height (bnc#1178589).\n\nThe following non-security bugs were fixed:\n\n- ACPI: GED: fix -Wformat (git-fixes).\n- ALSA: ctl: fix error path at adding user-defined element set (git-fixes).\n- ALSA: firewire: Clean up a locking issue in copy_resp_to_buf() (git-fixes).\n- ALSA: mixart: Fix mutex deadlock (git-fixes).\n- ASoC: qcom: lpass-platform: Fix memory leak (git-fixes).\n- Bluetooth: btusb: Fix and detect most of the Chinese Bluetooth controllers (git-fixes).\n- Bluetooth: hci_bcm: fix freeing not-requested IRQ (git-fixes).\n- Convert trailing spaces and periods in path components (bsc#1179424).\n- Drivers: hv: vmbus: Remove the unused \u0027tsc_page\u0027 from struct hv_context (git-fixes).\n- IB/cma: Fix ports memory leak in cma_configfs (bsc#1111666)\n- IB/core: Set qp-\u003ereal_qp before it may be accessed (bsc#1111666)\n- IB/hfi1, qib: Ensure RCU is locked when accessing list (bsc#1111666)\n- IB/hfi1: Add RcvShortLengthErrCnt to hfi1stats (bsc#1111666)\n- IB/hfi1: Add missing INVALIDATE opcodes for trace (bsc#1111666)\n- IB/hfi1: Add software counter for ctxt0 seq drop (bsc#1111666)\n- IB/hfi1: Avoid hardlockup with flushlist_lock (bsc#1111666)\n- IB/hfi1: Call kobject_put() when kobject_init_and_add() fails (bsc#1111666)\n- IB/hfi1: Check for error on call to alloc_rsm_map_table (bsc#1111666)\n- IB/hfi1: Close PSM sdma_progress sleep window (bsc#1111666)\n- IB/hfi1: Define variables as unsigned long to fix KASAN warning (bsc#1111666)\n- IB/hfi1: Ensure full Gen3 speed in a Gen4 system (bsc#1111666)\n- IB/hfi1: Fix Spectre v1 vulnerability (bsc#1111666)\n- IB/hfi1: Fix memory leaks in sysfs registration and unregistration (bsc#1111666)\n- IB/hfi1: Handle port down properly in pio (bsc#1111666)\n- IB/hfi1: Handle wakeup of orphaned QPs for pio (bsc#1111666)\n- IB/hfi1: Insure freeze_work work_struct is canceled on shutdown (bsc#1111666)\n- IB/hfi1: Remove unused define (bsc#1111666)\n- IB/hfi1: Silence txreq allocation warnings (bsc#1111666)\n- IB/hfi1: Validate page aligned for a given virtual address (bsc#1111666)\n- IB/hfi1: Wakeup QPs orphaned on wait list after flush (bsc#1111666)\n- IB/ipoib: Fix double free of skb in case of multicast traffic in CM mode (bsc#1111666)\n- IB/ipoib: Fix for use-after-free in ipoib_cm_tx_start (bsc#1111666)\n- IB/ipoib: drop useless LIST_HEAD (bsc#1111666)\n- IB/iser: Fix dma_nents type definition (bsc#1111666)\n- IB/iser: Pass the correct number of entries for dma mapped SGL (bsc#1111666)\n- IB/mad: Fix use-after-free in ib mad completion handling (bsc#1111666)\n- IB/mlx4: Add and improve logging (bsc#1111666)\n- IB/mlx4: Add support for MRA (bsc#1111666)\n- IB/mlx4: Adjust delayed work when a dup is observed (bsc#1111666)\n- IB/mlx4: Fix leak in id_map_find_del (bsc#1111666)\n- IB/mlx4: Fix memory leak in add_gid error flow (bsc#1111666)\n- IB/mlx4: Fix race condition between catas error reset and aliasguid flows (bsc#1111666)\n- IB/mlx4: Fix starvation in paravirt mux/demux (bsc#1111666)\n- IB/mlx4: Follow mirror sequence of device add during device removal (bsc#1111666)\n- IB/mlx4: Remove unneeded NULL check (bsc#1111666)\n- IB/mlx4: Test return value of calls to ib_get_cached_pkey (bsc#1111666)\n- IB/mlx5: Add missing XRC options to QP optional params mask (bsc#1111666)\n- IB/mlx5: Compare only index part of a memory window rkey (bsc#1111666)\n- IB/mlx5: Do not override existing ip_protocol (bsc#1111666)\n- IB/mlx5: Fix RSS Toeplitz setup to be aligned with the HW specification (bsc#1111666)\n- IB/mlx5: Fix clean_mr() to work in the expected order (bsc#1111666)\n- IB/mlx5: Fix implicit MR release flow (bsc#1111666)\n- IB/mlx5: Fix outstanding_pi index for GSI qps (bsc#1111666)\n- IB/mlx5: Fix unreg_umr to ignore the mkey state (bsc#1111666)\n- IB/mlx5: Improve ODP debugging messages (bsc#1111666)\n- IB/mlx5: Move MRs to a kernel PD when freeing them to the MR cache (bsc#1111666)\n- IB/mlx5: Prevent concurrent MR updates during invalidation (bsc#1111666)\n- IB/mlx5: Reset access mask when looping inside page fault handler (bsc#1111666)\n- IB/mlx5: Set correct write permissions for implicit ODP MR (bsc#1111666)\n- IB/mlx5: Use direct mkey destroy command upon UMR unreg failure (bsc#1111666)\n- IB/mlx5: Use fragmented QP\u0027s buffer for in-kernel users (bsc#1111666)\n- IB/mlx5: WQE dump jumps over first 16 bytes (bsc#1111666)\n- IB/mthca: fix return value of error branch in mthca_init_cq() (bsc#1111666)\n- IB/qib: Call kobject_put() when kobject_init_and_add() fails (bsc#1111666)\n- IB/qib: Fix an error code in qib_sdma_verbs_send() (bsc#1111666)\n- IB/qib: Remove a set-but-not-used variable (bsc#1111666)\n- IB/rdmavt: Convert timers to use timer_setup() (bsc#1111666)\n- IB/rdmavt: Fix alloc_qpn() WARN_ON() (bsc#1111666)\n- IB/rdmavt: Fix sizeof mismatch (bsc#1111666)\n- IB/rdmavt: Reset all QPs when the device is shut down (bsc#1111666)\n- IB/rxe: Fix incorrect cache cleanup in error flow (bsc#1111666)\n- IB/rxe: Make counters thread safe (bsc#1111666)\n- IB/srpt: Fix memory leak in srpt_add_one (bsc#1111666)\n- IB/umad: Avoid additional device reference during open()/close() (bsc#1111666)\n- IB/umad: Avoid destroying device while it is accessed (bsc#1111666)\n- IB/umad: Do not check status of nonseekable_open() (bsc#1111666)\n- IB/umad: Fix kernel crash while unloading ib_umad (bsc#1111666)\n- IB/umad: Refactor code to use cdev_device_add() (bsc#1111666)\n- IB/umad: Simplify and avoid dynamic allocation of class (bsc#1111666)\n- IB/usnic: Fix out of bounds index check in query pkey (bsc#1111666)\n- IB/uverbs: Fix OOPs upon device disassociation (bsc#1111666)\n- IB/{hfi1, qib}: Fix WC.byte_len calculation for UD_SEND_WITH_IMM (bsc#1111666)\n- IB/{qib, hfi1, rdmavt}: Correct ibv_devinfo max_mr value (bsc#1111666)\n- KVM host: kabi fixes for psci_version (bsc#1174726).\n- KVM: arm64: Add missing #include of \u0026lt;linux/string.h\u003e in guest.c (bsc#1174726).\n- KVM: arm64: Factor out core register ID enumeration (bsc#1174726).\n- KVM: arm64: Filter out invalid core register IDs in KVM_GET_REG_LIST (bsc#1174726).\n- KVM: arm64: Refactor kvm_arm_num_regs() for easier maintenance (bsc#1174726).\n- KVM: arm64: Reject ioctl access to FPSIMD V-regs on SVE vcpus (bsc#1174726).\n- NFS: mark nfsiod as CPU_INTENSIVE (bsc#1177304).\n- NFS: only invalidate dentrys that are clearly invalid (bsc#1178669 bsc#1170139).\n- PCI: pci-hyperv: Fix build errors on non-SYSFS config (git-fixes).\n- RDMA/bnxt_re: Fix Send Work Entry state check while polling completions (bsc#1111666)\n- RDMA/bnxt_re: Fix lifetimes in bnxt_re_task (bsc#1111666)\n- RDMA/bnxt_re: Fix sizeof mismatch for allocation of pbl_tbl. (bsc#1111666)\n- RDMA/bnxt_re: Fix stack-out-of-bounds in bnxt_qplib_rcfw_send_message (bsc#1111666)\n- RDMA/cm: Add missing locking around id.state in cm_dup_req_handler (bsc#1111666)\n- RDMA/cm: Fix checking for allowed duplicate listens (bsc#1111666)\n- RDMA/cm: Remove a race freeing timewait_info (bsc#1111666)\n- RDMA/cm: Update num_paths in cma_resolve_iboe_route error flow (bsc#1111666)\n- RDMA/cma: Fix false error message (bsc#1111666)\n- RDMA/cma: Protect bind_list and listen_list while finding matching cm id (bsc#1111666)\n- RDMA/cma: add missed unregister_pernet_subsys in init failure (bsc#1111666)\n- RDMA/cma: fix null-ptr-deref Read in cma_cleanup (bsc#1111666)\n- RDMA/core: Do not depend device ODP capabilities on kconfig option (bsc#1111666)\n- RDMA/core: Fix invalid memory access in spec_filter_size (bsc#1111666)\n- RDMA/core: Fix locking in ib_uverbs_event_read (bsc#1111666)\n- RDMA/core: Fix protection fault in ib_mr_pool_destroy (bsc#1111666)\n- RDMA/core: Fix race between destroy and release FD object (bsc#1111666)\n- RDMA/core: Fix race when resolving IP address (bsc#1111666)\n- RDMA/core: Prevent mixed use of FDs between shared ufiles (bsc#1111666)\n- RDMA/cxgb3: Delete and properly mark unimplemented resize CQ function (bsc#1111666)\n- RDMA/hns: Correct the value of HNS_ROCE_HEM_CHUNK_LEN (bsc#1111666)\n- RDMA/hns: Correct typo of hns_roce_create_cq() (bsc#1111666)\n- RDMA/hns: Remove unsupported modify_port callback (bsc#1111666)\n- RDMA/hns: Set the unsupported wr opcode (bsc#1111666)\n- RDMA/i40iw: Set queue pair state when being queried (bsc#1111666)\n- RDMA/i40iw: fix a potential NULL pointer dereference (bsc#1111666)\n- RDMA/ipoib: Fix ABBA deadlock with ipoib_reap_ah() (bsc#1111666)\n- RDMA/ipoib: Remove check for ETH_SS_TEST (bsc#1111666)\n- RDMA/ipoib: Return void from ipoib_ib_dev_stop() (bsc#1111666)\n- RDMA/ipoib: Set rtnl_link_ops for ipoib interfaces (bsc#1111666)\n- RDMA/iw_cxgb4: Avoid freeing skb twice in arp failure case (bsc#1111666)\n- RDMA/iw_cxgb4: Fix the unchecked ep dereference (bsc#1111666)\n- RDMA/iwcm: Fix a lock inversion issue (bsc#1111666)\n- RDMA/iwcm: Fix iwcm work deallocation (bsc#1111666)\n- RDMA/iwcm: move iw_rem_ref() calls out of spinlock (bsc#1111666)\n- RDMA/mad: Fix possible memory leak in ib_mad_post_receive_mads() (bsc#1111666)\n- RDMA/mlx4: Initialize ib_spec on the stack (bsc#1111666)\n- RDMA/mlx4: Read pkey table length instead of hardcoded value (bsc#1111666)\n- RDMA/mlx5: Clear old rate limit when closing QP (bsc#1111666)\n- RDMA/mlx5: Delete unreachable handle_atomic code by simplifying SW completion (bsc#1111666)\n- RDMA/mlx5: Fix a race with mlx5_ib_update_xlt on an implicit MR (bsc#1111666)\n- RDMA/mlx5: Fix access to wrong pointer while performing flush due to error (bsc#1111666)\n- RDMA/mlx5: Fix function name typo \u0027fileds\u0027 -\u003e \u0027fields\u0027 (bsc#1111666)\n- RDMA/mlx5: Return proper error value (bsc#1111666)\n- RDMA/mlx5: Set GRH fields in query QP on RoCE (bsc#1111666)\n- RDMA/mlx5: Verify that QP is created with RQ or SQ (bsc#1111666)\n- RDMA/nes: Remove second wait queue initialization call (bsc#1111666)\n- RDMA/netlink: Do not always generate an ACK for some netlink operations (bsc#1111666)\n- RDMA/ocrdma: Fix out of bounds index check in query pkey (bsc#1111666)\n- RDMA/ocrdma: Remove unsupported modify_port callback (bsc#1111666)\n- RDMA/pvrdma: Fix missing pci disable in pvrdma_pci_probe() (bsc#1111666)\n- RDMA/qedr: Endianness warnings cleanup (bsc#1111666)\n- RDMA/qedr: Fix KASAN: use-after-free in ucma_event_handler+0x532 (bsc#1050545).\n- RDMA/qedr: Fix doorbell setting (bsc#1111666)\n- RDMA/qedr: Fix memory leak in iWARP CM (bsc#1050545 ).\n- RDMA/qedr: Fix memory leak in user qp and mr (bsc#1111666)\n- RDMA/qedr: Fix reported firmware version (bsc#1111666)\n- RDMA/qedr: Fix use of uninitialized field (bsc#1111666)\n- RDMA/qedr: Remove unsupported modify_port callback (bsc#1111666)\n- RDMA/qedr: SRQ\u0027s bug fixes (bsc#1111666)\n- RDMA/qib: Delete extra line (bsc#1111666)\n- RDMA/qib: Remove all occurrences of BUG_ON() (bsc#1111666)\n- RDMA/qib: Validate -\u003eshow()/store() callbacks before calling them (bsc#1111666)\n- RDMA/rxe: Drop pointless checks in rxe_init_ports (bsc#1111666)\n- RDMA/rxe: Fill in wc byte_len with IB_WC_RECV_RDMA_WITH_IMM (bsc#1111666)\n- RDMA/rxe: Fix configuration of atomic queue pair attributes (bsc#1111666)\n- RDMA/rxe: Fix memleak in rxe_mem_init_user (bsc#1111666)\n- RDMA/rxe: Fix slab-out-bounds access which lead to kernel crash later (bsc#1111666)\n- RDMA/rxe: Fix soft lockup problem due to using tasklets in softirq (bsc#1111666)\n- RDMA/rxe: Fix the parent sysfs read when the interface has 15 chars (bsc#1111666)\n- RDMA/rxe: Prevent access to wr-\u003enext ptr afrer wr is posted to send queue (bsc#1111666)\n- RDMA/rxe: Remove unused rxe_mem_map_pages (bsc#1111666)\n- RDMA/rxe: Remove useless rxe_init_device_param assignments (bsc#1111666)\n- RDMA/rxe: Return void from rxe_init_port_param() (bsc#1111666)\n- RDMA/rxe: Return void from rxe_mem_init_dma() (bsc#1111666)\n- RDMA/rxe: Set default vendor ID (bsc#1111666)\n- RDMA/rxe: Set sys_image_guid to be aligned with HW IB devices (bsc#1111666)\n- RDMA/rxe: Skip dgid check in loopback mode (bsc#1111666)\n- RDMA/rxe: Use for_each_sg_page iterator on umem SGL (bsc#1111666)\n- RDMA/srp: Rework SCSI device reset handling (bsc#1111666)\n- RDMA/srpt: Fix typo in srpt_unregister_mad_agent docstring (bsc#1111666)\n- RDMA/srpt: Report the SCSI residual to the initiator (bsc#1111666)\n- RDMA/ucma: Add missing locking around rdma_leave_multicast() (bsc#1111666)\n- RDMA/ucma: Put a lock around every call to the rdma_cm layer (bsc#1111666)\n- RDMA/uverbs: Make the event_queue fds return POLLERR when disassociated (bsc#1111666)\n- RDMA/vmw_pvrdma: Fix memory leak on pvrdma_pci_remove (bsc#1111666)\n- RDMA/vmw_pvrdma: Use atomic memory allocation in create AH (bsc#1111666)\n- RDMA: Directly cast the sockaddr union to sockaddr (bsc#1111666)\n- RMDA/cm: Fix missing ib_cm_destroy_id() in ib_cm_insert_listen() (bsc#1111666)\n- Revert \u0027kernel/reboot.c: convert simple_strtoul to kstrtoint\u0027 (bsc#1179418).\n- SUNRPC: fix copying of multiple pages in gss_read_proxy_verf() (bsc#1103992).\n- Staging: rtl8188eu: rtw_mlme: Fix uninitialized variable authmode (git-fixes).\n- USB: core: Fix regression in Hercules audio card (git-fixes).\n- Update references in patches.suse/net-smc-tolerate-future-smcd-versions (bsc#1172542 LTC#186070 git-fixes).\n- arm/arm64: KVM: Add PSCI version selection API (bsc#1174726).\n- arm64: KVM: Fix system register enumeration (bsc#1174726).\n- ath10k: Acquire tx_lock in tx error paths (git-fixes).\n- batman-adv: set .owner to THIS_MODULE (git-fixes).\n- bnxt_en: Fix race when modifying pause settings (bsc#1050242 ).\n- bnxt_en: Protect bnxt_set_eee() and bnxt_set_pauseparam() with mutex (bsc#1050242).\n- btrfs: account ticket size at add/delete time (bsc#1178897).\n- btrfs: add helper to obtain number of devices with ongoing dev-replace (bsc#1178897).\n- btrfs: check rw_devices, not num_devices for balance (bsc#1178897).\n- btrfs: do not delete mismatched root refs (bsc#1178962).\n- btrfs: fix btrfs_calc_reclaim_metadata_size calculation (bsc#1178897).\n- btrfs: fix force usage in inc_block_group_ro (bsc#1178897).\n- btrfs: fix invalid removal of root ref (bsc#1178962).\n- btrfs: fix reclaim counter leak of space_info objects (bsc#1178897).\n- btrfs: fix reclaim_size counter leak after stealing from global reserve (bsc#1178897).\n- btrfs: kill min_allocable_bytes in inc_block_group_ro (bsc#1178897).\n- btrfs: rework arguments of btrfs_unlink_subvol (bsc#1178962).\n- btrfs: split dev-replace locking helpers for read and write (bsc#1178897). Needed as a prep patch for further improvements around btrfs.\n- can: gs_usb: fix endianess problem with candleLight firmware (git-fixes).\n- can: m_can: fix nominal bitiming tseg2 min for version \u003e= 3.1 (git-fixes).\n- ceph: add check_session_state() helper and make it global (bsc#1179259).\n- ceph: check session state after bumping session-\u003es_seq (bsc#1179259).\n- ceph: fix race in concurrent __ceph_remove_cap invocations (bsc#1178635).\n- cifs: Fix incomplete memory allocation on setxattr path (bsc#1179211).\n- cifs: Return the error from crypt_message when enc/dec key not found (bsc#1179426).\n- cifs: remove bogus debug code (bsc#1179427).\n- cxgb4: Fix offset when clearing filter byte counters (bsc#1064802 bsc#1066129).\n- docs: ABI: stable: remove a duplicated documentation (git-fixes).\n- drm/i915/gvt: Set ENHANCED_FRAME_CAP bit (git-fixes).\n- drm/sun4i: dw-hdmi: fix error return code in sun8i_dw_hdmi_bind() (git-fixes).\n- efi/efivars: Add missing kobject_put() in sysfs entry creation error path (git-fixes).\n- efi/esrt: Fix reference count leak in esre_create_sysfs_entry (git-fixes).\n- efi/x86: Do not panic or BUG() on non-critical error conditions (git-fixes).\n- efi/x86: Free efi_pgd with free_pages() (bsc#1112178).\n- efi/x86: Ignore the memory attributes table on i386 (git-fixes).\n- efi/x86: Map the entire EFI vendor string before copying it (git-fixes).\n- efi: cper: Fix possible out-of-bounds access (git-fixes).\n- efi: provide empty efi_enter_virtual_mode implementation (git-fixes).\n- efivarfs: fix memory leak in efivarfs_create() (git-fixes).\n- efivarfs: revert \u0027fix memory leak in efivarfs_create()\u0027 (git-fixes).\n- fuse: fix page dereference after free (bsc#1179213).\n- hv_balloon: disable warning when floor reached (git-fixes).\n- i40iw: Fix error handling in i40iw_manage_arp_cache() (bsc#1111666)\n- i40iw: Report correct firmware version (bsc#1111666)\n- i40iw: fix null pointer dereference on a null wqe pointer (bsc#1111666)\n- igc: Fix returning wrong statistics (bsc#1118657).\n- iio: accel: kxcjk1013: Add support for KIOX010A ACPI DSM for setting tablet-mode (git-fixes).\n- iio: accel: kxcjk1013: Replace is_smo8500_device with an acpi_type enum (git-fixes).\n- iw_cxgb4: fix ECN check on the passive accept (bsc#1111666)\n- iw_cxgb4: only reconnect with MPAv1 if the peer aborts (bsc#1111666)\n- kABI workaround for usermodehelper changes (bsc#1179406).\n- kABI: add back flush_dcache_range (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).\n- libnvdimm/nvdimm/flush: Allow architecture to override the flush barrier (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).\n- mac80211: always wind down STA state (git-fixes).\n- mac80211: free sta in sta_info_insert_finish() on errors (git-fixes).\n- mlxsw: core: Fix memory leak on module removal (bsc#1112374).\n- mm: always have io_remap_pfn_range() set pgprot_decrypted() (bsc#1112178).\n- net/tls: Fix kmap usage (bsc#1109837).\n- net/tls: missing received data after fast remote close (bsc#1109837).\n- net: DCB: Validate DCB_ATTR_DCB_BUFFER argument (bsc#1103990 ).\n- net: ena: fix packet\u0027s addresses for rx_offset feature (bsc#1174852).\n- net: ena: handle bad request id in ena_netdev (git-fixes).\n- net: qed: fix \u0027maybe uninitialized\u0027 warning (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- net: qed: fix async event callbacks unregistering (bsc#1104393 bsc#1104389).\n- net: qede: fix PTP initialization on recovery (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- net: qede: fix use-after-free on recovery and AER handling (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- net: thunderx: use spin_lock_bh in nicvf_set_rx_mode_task() (bsc#1110096).\n- net_sched: fix a memory leak in atm_tc_init() (bsc#1056657 bsc#1056653 bsc#1056787).\n- nfc: s3fwrn5: use signed integer for parsing GPIO numbers (git-fixes).\n- nfp: use correct define to return NONE fec (bsc#1109837).\n- pinctrl: amd: fix incorrect way to disable debounce filter (git-fixes).\n- pinctrl: amd: use higher precision for 512 RtcClk (git-fixes).\n- pinctrl: aspeed: Fix GPI only function problem (git-fixes).\n- platform/x86: toshiba_acpi: Fix the wrong variable assignment (git-fixes).\n- powerpc/32: define helpers to get L1 cache sizes (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).\n- powerpc/64: flush_inval_dcache_range() becomes flush_dcache_range() (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).\n- powerpc/64: reuse PPC32 static inline flush_dcache_range() (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).\n- powerpc/mm: Flush cache on memory hot(un)plug (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).\n- powerpc/pmem: Add flush routines using new pmem store and sync instruction (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).\n- powerpc/pmem: Add new instructions for persistent storage and sync (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).\n- powerpc/pmem: Avoid the barrier in flush routines (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).\n- powerpc/pmem: Fix kernel crash due to wrong range value usage in flush_dcache_range (jsc#SLE-16497 bsc#1176109 ltc#187964).\n- powerpc/pmem: Initialize pmem device on newer hardware (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).\n- powerpc/pmem: Restrict papr_scm to P8 and above (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).\n- powerpc/pmem: Update ppc64 to use the new barrier instruction (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).\n- powerpc: Chunk calls to flush_dcache_range in arch_*_memory (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964 git-fixes).\n- powerpc: define helpers to get L1 icache sizes (jsc#SLE-16402 jsc#SLE-16497 bsc#1176109 ltc#187964).\n- qed: fix error return code in qed_iwarp_ll2_start() (bsc#1050536 bsc#1050545).\n- qed: suppress \u0027do not support RoCE \u0026 iWARP\u0027 flooding on HW init (bsc#1050536 bsc#1050545).\n- qed: suppress false-positives interrupt error messages on HW init (bsc#1136460 jsc#SLE-4691 bsc#1136461 jsc#SLE-4692).\n- reboot: fix overflow parsing reboot cpu number (bsc#1179421).\n- rxe: correctly calculate iCRC for unaligned payloads (bsc#1111666)\n- rxe: fix error completion wr_id and qp_num (bsc#1111666)\n- s390/cio: add cond_resched() in the slow_eval_known_fn() loop (bsc#1177805 LTC#188737).\n- s390/cpum_cf,perf: change DFLT_CCERROR counter name (bsc#1175916 LTC#187937).\n- s390/dasd: Fix zero write for FBA devices (bsc#1177808 LTC#188739).\n- s390: kernel/uv: handle length extension properly (bsc#1178940 LTC#189323).\n- sched/core: Fix PI boosting between RT and DEADLINE tasks (bsc#1112178).\n- sched/x86: SaveFLAGS on context switch (bsc#1112178).\n- scripts/git_sort/git_sort.py: add ceph maintainers git tree\n- scsi: RDMA/srpt: Fix a credit leak for aborted commands (bsc#1111666)\n- staging: rtl8723bs: Add 024c:0627 to the list of SDIO device-ids (git-fixes).\n- svcrdma: Fix page leak in svc_rdma_recv_read_chunk() (bsc#1103992).\n- svcrdma: fix bounce buffers for unaligned offsets and multiple pages (bsc#1103992).\n- tcp: Set INET_ECN_xmit configuration in tcp_reinit_congestion_control (bsc#1109837).\n- tracing: Fix out of bounds write in get_trace_buf (bsc#1179403).\n- tty: serial: imx: keep console clocks always on (git-fixes).\n- usb: cdc-acm: Add DISABLE_ECHO for Renesas USB Download mode (git-fixes).\n- usb: gadget: Fix memleak in gadgetfs_fill_super (git-fixes).\n- usb: gadget: f_midi: Fix memleak in f_midi_alloc (git-fixes).\n- usb: host: xhci-mtk: avoid runtime suspend when removing hcd (git-fixes).\n- usermodehelper: reset umask to default before executing user process (bsc#1179406).\n- video: hyperv_fb: Fix the cache type when mapping the VRAM (git-fixes).\n- x86/PCI: Avoid AMD FCH XHCI USB PME# from D0 defect (git-fixes).\n- x86/PCI: Fix intel_mid_pci.c build error when ACPI is not enabled (git-fixes).\n- x86/PCI: Mark Intel C620 MROMs as having non-compliant BARs (git-fixes).\n- x86/hyperv: Clarify comment on x2apic mode (git-fixes).\n- x86/hyperv: Make vapic support x2apic mode (git-fixes).\n- x86/microcode/intel: Check patch signature before saving microcode for early loading (bsc#1112178).\n- x86/speculation: Allow IBPB to be conditionally enabled on CPUs with always-on STIBP (bsc#1112178).\n- x86/sysfb_efi: Add quirks for some devices with swapped width and height (git-fixes).\n- xfrm: Fix memleak on xfrm state destroy (bsc#1158775).\n- xfs: revert \u0027xfs: fix rmap key and record comparison functions\u0027 (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2020-2193",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_2193-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2020:2193-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4YRSQJNKLIOJJTD3P2UKMHRFMCIG3JDN/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2020:2193-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4YRSQJNKLIOJJTD3P2UKMHRFMCIG3JDN/"
},
{
"category": "self",
"summary": "SUSE Bug 1050242",
"url": "https://bugzilla.suse.com/1050242"
},
{
"category": "self",
"summary": "SUSE Bug 1050536",
"url": "https://bugzilla.suse.com/1050536"
},
{
"category": "self",
"summary": "SUSE Bug 1050545",
"url": "https://bugzilla.suse.com/1050545"
},
{
"category": "self",
"summary": "SUSE Bug 1056653",
"url": "https://bugzilla.suse.com/1056653"
},
{
"category": "self",
"summary": "SUSE Bug 1056657",
"url": "https://bugzilla.suse.com/1056657"
},
{
"category": "self",
"summary": "SUSE Bug 1056787",
"url": "https://bugzilla.suse.com/1056787"
},
{
"category": "self",
"summary": "SUSE Bug 1064802",
"url": "https://bugzilla.suse.com/1064802"
},
{
"category": "self",
"summary": "SUSE Bug 1066129",
"url": "https://bugzilla.suse.com/1066129"
},
{
"category": "self",
"summary": "SUSE Bug 1103990",
"url": "https://bugzilla.suse.com/1103990"
},
{
"category": "self",
"summary": "SUSE Bug 1103992",
"url": "https://bugzilla.suse.com/1103992"
},
{
"category": "self",
"summary": "SUSE Bug 1104389",
"url": "https://bugzilla.suse.com/1104389"
},
{
"category": "self",
"summary": "SUSE Bug 1104393",
"url": "https://bugzilla.suse.com/1104393"
},
{
"category": "self",
"summary": "SUSE Bug 1109837",
"url": "https://bugzilla.suse.com/1109837"
},
{
"category": "self",
"summary": "SUSE Bug 1110096",
"url": "https://bugzilla.suse.com/1110096"
},
{
"category": "self",
"summary": "SUSE Bug 1111666",
"url": "https://bugzilla.suse.com/1111666"
},
{
"category": "self",
"summary": "SUSE Bug 1112178",
"url": "https://bugzilla.suse.com/1112178"
},
{
"category": "self",
"summary": "SUSE Bug 1112374",
"url": "https://bugzilla.suse.com/1112374"
},
{
"category": "self",
"summary": "SUSE Bug 1118657",
"url": "https://bugzilla.suse.com/1118657"
},
{
"category": "self",
"summary": "SUSE Bug 1122971",
"url": "https://bugzilla.suse.com/1122971"
},
{
"category": "self",
"summary": "SUSE Bug 1136460",
"url": "https://bugzilla.suse.com/1136460"
},
{
"category": "self",
"summary": "SUSE Bug 1136461",
"url": "https://bugzilla.suse.com/1136461"
},
{
"category": "self",
"summary": "SUSE Bug 1158775",
"url": "https://bugzilla.suse.com/1158775"
},
{
"category": "self",
"summary": "SUSE Bug 1170139",
"url": "https://bugzilla.suse.com/1170139"
},
{
"category": "self",
"summary": "SUSE Bug 1172542",
"url": "https://bugzilla.suse.com/1172542"
},
{
"category": "self",
"summary": "SUSE Bug 1174726",
"url": "https://bugzilla.suse.com/1174726"
},
{
"category": "self",
"summary": "SUSE Bug 1174852",
"url": "https://bugzilla.suse.com/1174852"
},
{
"category": "self",
"summary": "SUSE Bug 1175916",
"url": "https://bugzilla.suse.com/1175916"
},
{
"category": "self",
"summary": "SUSE Bug 1176109",
"url": "https://bugzilla.suse.com/1176109"
},
{
"category": "self",
"summary": "SUSE Bug 1177304",
"url": "https://bugzilla.suse.com/1177304"
},
{
"category": "self",
"summary": "SUSE Bug 1177666",
"url": "https://bugzilla.suse.com/1177666"
},
{
"category": "self",
"summary": "SUSE Bug 1177805",
"url": "https://bugzilla.suse.com/1177805"
},
{
"category": "self",
"summary": "SUSE Bug 1177808",
"url": "https://bugzilla.suse.com/1177808"
},
{
"category": "self",
"summary": "SUSE Bug 1178589",
"url": "https://bugzilla.suse.com/1178589"
},
{
"category": "self",
"summary": "SUSE Bug 1178635",
"url": "https://bugzilla.suse.com/1178635"
},
{
"category": "self",
"summary": "SUSE Bug 1178669",
"url": "https://bugzilla.suse.com/1178669"
},
{
"category": "self",
"summary": "SUSE Bug 1178897",
"url": "https://bugzilla.suse.com/1178897"
},
{
"category": "self",
"summary": "SUSE Bug 1178940",
"url": "https://bugzilla.suse.com/1178940"
},
{
"category": "self",
"summary": "SUSE Bug 1178962",
"url": "https://bugzilla.suse.com/1178962"
},
{
"category": "self",
"summary": "SUSE Bug 1179107",
"url": "https://bugzilla.suse.com/1179107"
},
{
"category": "self",
"summary": "SUSE Bug 1179140",
"url": "https://bugzilla.suse.com/1179140"
},
{
"category": "self",
"summary": "SUSE Bug 1179141",
"url": "https://bugzilla.suse.com/1179141"
},
{
"category": "self",
"summary": "SUSE Bug 1179211",
"url": "https://bugzilla.suse.com/1179211"
},
{
"category": "self",
"summary": "SUSE Bug 1179213",
"url": "https://bugzilla.suse.com/1179213"
},
{
"category": "self",
"summary": "SUSE Bug 1179259",
"url": "https://bugzilla.suse.com/1179259"
},
{
"category": "self",
"summary": "SUSE Bug 1179403",
"url": "https://bugzilla.suse.com/1179403"
},
{
"category": "self",
"summary": "SUSE Bug 1179406",
"url": "https://bugzilla.suse.com/1179406"
},
{
"category": "self",
"summary": "SUSE Bug 1179418",
"url": "https://bugzilla.suse.com/1179418"
},
{
"category": "self",
"summary": "SUSE Bug 1179421",
"url": "https://bugzilla.suse.com/1179421"
},
{
"category": "self",
"summary": "SUSE Bug 1179424",
"url": "https://bugzilla.suse.com/1179424"
},
{
"category": "self",
"summary": "SUSE Bug 1179426",
"url": "https://bugzilla.suse.com/1179426"
},
{
"category": "self",
"summary": "SUSE Bug 1179427",
"url": "https://bugzilla.suse.com/1179427"
},
{
"category": "self",
"summary": "SUSE Bug 1179429",
"url": "https://bugzilla.suse.com/1179429"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-20669 page",
"url": "https://www.suse.com/security/cve/CVE-2018-20669/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15436 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15436/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15437 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15437/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-27777 page",
"url": "https://www.suse.com/security/cve/CVE-2020-27777/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-28974 page",
"url": "https://www.suse.com/security/cve/CVE-2020-28974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-29371 page",
"url": "https://www.suse.com/security/cve/CVE-2020-29371/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-4788 page",
"url": "https://www.suse.com/security/cve/CVE-2020-4788/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2020-12-07T11:06:42Z",
"generator": {
"date": "2020-12-07T11:06:42Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2020:2193-1",
"initial_release_date": "2020-12-07T11:06:42Z",
"revision_history": [
{
"date": "2020-12-07T11:06:42Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-4.12.14-lp151.28.87.1.noarch",
"product": {
"name": "kernel-devel-4.12.14-lp151.28.87.1.noarch",
"product_id": "kernel-devel-4.12.14-lp151.28.87.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-4.12.14-lp151.28.87.1.noarch",
"product": {
"name": "kernel-docs-4.12.14-lp151.28.87.1.noarch",
"product_id": "kernel-docs-4.12.14-lp151.28.87.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-html-4.12.14-lp151.28.87.1.noarch",
"product": {
"name": "kernel-docs-html-4.12.14-lp151.28.87.1.noarch",
"product_id": "kernel-docs-html-4.12.14-lp151.28.87.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-4.12.14-lp151.28.87.1.noarch",
"product": {
"name": "kernel-macros-4.12.14-lp151.28.87.1.noarch",
"product_id": "kernel-macros-4.12.14-lp151.28.87.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-4.12.14-lp151.28.87.1.noarch",
"product": {
"name": "kernel-source-4.12.14-lp151.28.87.1.noarch",
"product_id": "kernel-source-4.12.14-lp151.28.87.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch",
"product": {
"name": "kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch",
"product_id": "kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-debug-4.12.14-lp151.28.87.2.x86_64",
"product": {
"name": "kernel-debug-4.12.14-lp151.28.87.2.x86_64",
"product_id": "kernel-debug-4.12.14-lp151.28.87.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-base-4.12.14-lp151.28.87.2.x86_64",
"product": {
"name": "kernel-debug-base-4.12.14-lp151.28.87.2.x86_64",
"product_id": "kernel-debug-base-4.12.14-lp151.28.87.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64",
"product": {
"name": "kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64",
"product_id": "kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-4.12.14-lp151.28.87.2.x86_64",
"product": {
"name": "kernel-default-4.12.14-lp151.28.87.2.x86_64",
"product_id": "kernel-default-4.12.14-lp151.28.87.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-4.12.14-lp151.28.87.2.x86_64",
"product": {
"name": "kernel-default-base-4.12.14-lp151.28.87.2.x86_64",
"product_id": "kernel-default-base-4.12.14-lp151.28.87.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-4.12.14-lp151.28.87.2.x86_64",
"product": {
"name": "kernel-default-devel-4.12.14-lp151.28.87.2.x86_64",
"product_id": "kernel-default-devel-4.12.14-lp151.28.87.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64",
"product": {
"name": "kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64",
"product_id": "kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64",
"product": {
"name": "kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64",
"product_id": "kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64",
"product": {
"name": "kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64",
"product_id": "kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-4.12.14-lp151.28.87.2.x86_64",
"product": {
"name": "kernel-obs-build-4.12.14-lp151.28.87.2.x86_64",
"product_id": "kernel-obs-build-4.12.14-lp151.28.87.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64",
"product": {
"name": "kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64",
"product_id": "kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-4.12.14-lp151.28.87.1.x86_64",
"product": {
"name": "kernel-syms-4.12.14-lp151.28.87.1.x86_64",
"product_id": "kernel-syms-4.12.14-lp151.28.87.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-4.12.14-lp151.28.87.2.x86_64",
"product": {
"name": "kernel-vanilla-4.12.14-lp151.28.87.2.x86_64",
"product_id": "kernel-vanilla-4.12.14-lp151.28.87.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64",
"product": {
"name": "kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64",
"product_id": "kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64",
"product": {
"name": "kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64",
"product_id": "kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-4.12.14-lp151.28.87.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.87.2.x86_64"
},
"product_reference": "kernel-debug-4.12.14-lp151.28.87.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-base-4.12.14-lp151.28.87.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.87.2.x86_64"
},
"product_reference": "kernel-debug-base-4.12.14-lp151.28.87.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64"
},
"product_reference": "kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-4.12.14-lp151.28.87.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.87.2.x86_64"
},
"product_reference": "kernel-default-4.12.14-lp151.28.87.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-4.12.14-lp151.28.87.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.87.2.x86_64"
},
"product_reference": "kernel-default-base-4.12.14-lp151.28.87.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-4.12.14-lp151.28.87.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.87.2.x86_64"
},
"product_reference": "kernel-default-devel-4.12.14-lp151.28.87.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-4.12.14-lp151.28.87.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.87.1.noarch"
},
"product_reference": "kernel-devel-4.12.14-lp151.28.87.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-4.12.14-lp151.28.87.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.87.1.noarch"
},
"product_reference": "kernel-docs-4.12.14-lp151.28.87.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-html-4.12.14-lp151.28.87.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.87.1.noarch"
},
"product_reference": "kernel-docs-html-4.12.14-lp151.28.87.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64"
},
"product_reference": "kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64"
},
"product_reference": "kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64"
},
"product_reference": "kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-4.12.14-lp151.28.87.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.87.1.noarch"
},
"product_reference": "kernel-macros-4.12.14-lp151.28.87.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-4.12.14-lp151.28.87.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.87.2.x86_64"
},
"product_reference": "kernel-obs-build-4.12.14-lp151.28.87.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64"
},
"product_reference": "kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-4.12.14-lp151.28.87.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.87.1.noarch"
},
"product_reference": "kernel-source-4.12.14-lp151.28.87.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch"
},
"product_reference": "kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-4.12.14-lp151.28.87.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.87.1.x86_64"
},
"product_reference": "kernel-syms-4.12.14-lp151.28.87.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-4.12.14-lp151.28.87.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.87.2.x86_64"
},
"product_reference": "kernel-vanilla-4.12.14-lp151.28.87.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64"
},
"product_reference": "kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64"
},
"product_reference": "kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-20669",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-20669"
}
],
"notes": [
{
"category": "general",
"text": "An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.87.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-20669",
"url": "https://www.suse.com/security/cve/CVE-2018-20669"
},
{
"category": "external",
"summary": "SUSE Bug 1122971 for CVE-2018-20669",
"url": "https://bugzilla.suse.com/1122971"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.87.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.87.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-12-07T11:06:42Z",
"details": "important"
}
],
"title": "CVE-2018-20669"
},
{
"cve": "CVE-2020-15436",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15436"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.87.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15436",
"url": "https://www.suse.com/security/cve/CVE-2020-15436"
},
{
"category": "external",
"summary": "SUSE Bug 1179141 for CVE-2020-15436",
"url": "https://bugzilla.suse.com/1179141"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.87.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.87.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-12-07T11:06:42Z",
"details": "moderate"
}
],
"title": "CVE-2020-15436"
},
{
"cve": "CVE-2020-15437",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15437"
}
],
"notes": [
{
"category": "general",
"text": "The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p-\u003eserial_in pointer which uninitialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.87.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15437",
"url": "https://www.suse.com/security/cve/CVE-2020-15437"
},
{
"category": "external",
"summary": "SUSE Bug 1179140 for CVE-2020-15437",
"url": "https://bugzilla.suse.com/1179140"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.87.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.87.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-12-07T11:06:42Z",
"details": "moderate"
}
],
"title": "CVE-2020-15437"
},
{
"cve": "CVE-2020-27777",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-27777"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase their privileges to that of a running kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.87.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-27777",
"url": "https://www.suse.com/security/cve/CVE-2020-27777"
},
{
"category": "external",
"summary": "SUSE Bug 1179107 for CVE-2020-27777",
"url": "https://bugzilla.suse.com/1179107"
},
{
"category": "external",
"summary": "SUSE Bug 1179419 for CVE-2020-27777",
"url": "https://bugzilla.suse.com/1179419"
},
{
"category": "external",
"summary": "SUSE Bug 1200343 for CVE-2020-27777",
"url": "https://bugzilla.suse.com/1200343"
},
{
"category": "external",
"summary": "SUSE Bug 1220060 for CVE-2020-27777",
"url": "https://bugzilla.suse.com/1220060"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.87.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.87.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-12-07T11:06:42Z",
"details": "moderate"
}
],
"title": "CVE-2020-27777"
},
{
"cve": "CVE-2020-28974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-28974"
}
],
"notes": [
{
"category": "general",
"text": "A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can be used for manipulations such as font height.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.87.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-28974",
"url": "https://www.suse.com/security/cve/CVE-2020-28974"
},
{
"category": "external",
"summary": "SUSE Bug 1178589 for CVE-2020-28974",
"url": "https://bugzilla.suse.com/1178589"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.87.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.87.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-12-07T11:06:42Z",
"details": "moderate"
}
],
"title": "CVE-2020-28974"
},
{
"cve": "CVE-2020-29371",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-29371"
}
],
"notes": [
{
"category": "general",
"text": "An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4. Uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.87.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-29371",
"url": "https://www.suse.com/security/cve/CVE-2020-29371"
},
{
"category": "external",
"summary": "SUSE Bug 1179429 for CVE-2020-29371",
"url": "https://bugzilla.suse.com/1179429"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.87.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.87.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-12-07T11:06:42Z",
"details": "low"
}
],
"title": "CVE-2020-29371"
},
{
"cve": "CVE-2020-4788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-4788"
}
],
"notes": [
{
"category": "general",
"text": "IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.87.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-4788",
"url": "https://www.suse.com/security/cve/CVE-2020-4788"
},
{
"category": "external",
"summary": "SUSE Bug 1177666 for CVE-2020-4788",
"url": "https://bugzilla.suse.com/1177666"
},
{
"category": "external",
"summary": "SUSE Bug 1181158 for CVE-2020-4788",
"url": "https://bugzilla.suse.com/1181158"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.87.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:kernel-debug-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-debug-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-default-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-devel-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-docs-html-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-kvmsmall-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-kvmsmall-devel-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-macros-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-obs-build-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-obs-qa-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-source-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-source-vanilla-4.12.14-lp151.28.87.1.noarch",
"openSUSE Leap 15.1:kernel-syms-4.12.14-lp151.28.87.1.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-base-4.12.14-lp151.28.87.2.x86_64",
"openSUSE Leap 15.1:kernel-vanilla-devel-4.12.14-lp151.28.87.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-12-07T11:06:42Z",
"details": "moderate"
}
],
"title": "CVE-2020-4788"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…