Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2015-4692 (GCVE-0-2015-4692)
Vulnerability from cvelistv5 – Published: 2015-07-27 10:00 – Updated: 2024-08-06 06:18
VLAI?
EPSS
Summary
The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T06:18:12.182Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20150620 Re: CVE request -- Linux kernel - kvm: x86: NULL pointer dereference in kvm_apic_has_events function",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2015/06/21/1"
},
{
"name": "USN-2680-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2680-1"
},
{
"name": "USN-2682-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2682-1"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1230770"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/torvalds/linux/commit/ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009"
},
{
"name": "SUSE-SU-2015:1324",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html"
},
{
"name": "DSA-3329",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2015/dsa-3329"
},
{
"name": "FEDORA-2015-10678",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161144.html"
},
{
"name": "openSUSE-SU-2015:1382",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
},
{
"name": "USN-2684-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2684-1"
},
{
"name": "USN-2681-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2681-1"
},
{
"name": "USN-2683-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/USN-2683-1"
},
{
"name": "75142",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/75142"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009"
},
{
"name": "1032798",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1032798"
},
{
"name": "FEDORA-2015-10677",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA",
"x_transferred"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160829.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-06-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-21T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[oss-security] 20150620 Re: CVE request -- Linux kernel - kvm: x86: NULL pointer dereference in kvm_apic_has_events function",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://www.openwall.com/lists/oss-security/2015/06/21/1"
},
{
"name": "USN-2680-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2680-1"
},
{
"name": "USN-2682-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2682-1"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1230770"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/torvalds/linux/commit/ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009"
},
{
"name": "SUSE-SU-2015:1324",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html"
},
{
"name": "DSA-3329",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2015/dsa-3329"
},
{
"name": "FEDORA-2015-10678",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161144.html"
},
{
"name": "openSUSE-SU-2015:1382",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
},
{
"name": "USN-2684-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2684-1"
},
{
"name": "USN-2681-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2681-1"
},
{
"name": "USN-2683-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/USN-2683-1"
},
{
"name": "75142",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/75142"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009"
},
{
"name": "1032798",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1032798"
},
{
"name": "FEDORA-2015-10677",
"tags": [
"vendor-advisory",
"x_refsource_FEDORA"
],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160829.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4692",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20150620 Re: CVE request -- Linux kernel - kvm: x86: NULL pointer dereference in kvm_apic_has_events function",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/06/21/1"
},
{
"name": "USN-2680-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2680-1"
},
{
"name": "USN-2682-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2682-1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1230770",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1230770"
},
{
"name": "https://github.com/torvalds/linux/commit/ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009"
},
{
"name": "SUSE-SU-2015:1324",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html"
},
{
"name": "DSA-3329",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3329"
},
{
"name": "FEDORA-2015-10678",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161144.html"
},
{
"name": "openSUSE-SU-2015:1382",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
},
{
"name": "USN-2684-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2684-1"
},
{
"name": "USN-2681-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2681-1"
},
{
"name": "USN-2683-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2683-1"
},
{
"name": "75142",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75142"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009"
},
{
"name": "1032798",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032798"
},
{
"name": "FEDORA-2015-10677",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160829.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-4692",
"datePublished": "2015-07-27T10:00:00",
"dateReserved": "2015-06-19T00:00:00",
"dateUpdated": "2024-08-06T06:18:12.182Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionEndIncluding\": \"4.1.3\", \"matchCriteriaId\": \"C06FC91E-00B9-4165-9522-70664810FB15\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call.\"}, {\"lang\": \"es\", \"value\": \"Vulnerabilidad en la funci\\u00f3n kvm_apic_has_events en arch/x86/kvm/lapic.h en el Kernel de Linux hasta la versi\\u00f3n 4.1.3, permite a usuarios locales causar una denegaci\\u00f3n de servicio (mediante la referencia a un puntero NULO y una ca\\u00edda del sistema) o posiblemente tener otro impacto no especificado a trav\\u00e9s del aprovechamiento de acceso a /dev/kvm para una llamada ioctl.\"}]",
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/476.html\"\u003eCWE-476: NULL Pointer Dereference\u003c/a\u003e",
"id": "CVE-2015-4692",
"lastModified": "2024-11-21T02:31:34.453",
"metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 4.9, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.9, \"impactScore\": 6.9, \"acInsufInfo\": true, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2015-07-27T10:59:00.063",
"references": "[{\"url\": \"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160829.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161144.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.debian.org/security/2015/dsa-3329\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2015/06/21/1\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/75142\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securitytracker.com/id/1032798\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-2680-1\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-2681-1\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-2682-1\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-2683-1\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-2684-1\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1230770\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://github.com/torvalds/linux/commit/ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160829.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161144.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.debian.org/security/2015/dsa-3329\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2015/06/21/1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/75142\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securitytracker.com/id/1032798\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-2680-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-2681-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-2682-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-2683-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.ubuntu.com/usn/USN-2684-1\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1230770\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://github.com/torvalds/linux/commit/ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2015-4692\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2015-07-27T10:59:00.063\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad en la funci\u00f3n kvm_apic_has_events en arch/x86/kvm/lapic.h en el Kernel de Linux hasta la versi\u00f3n 4.1.3, permite a usuarios locales causar una denegaci\u00f3n de servicio (mediante la referencia a un puntero NULO y una ca\u00edda del sistema) o posiblemente tener otro impacto no especificado a trav\u00e9s del aprovechamiento de acceso a /dev/kvm para una llamada ioctl.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":4.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.9,\"acInsufInfo\":true,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.1.3\",\"matchCriteriaId\":\"C06FC91E-00B9-4165-9522-70664810FB15\"}]}]}],\"references\":[{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160829.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161144.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2015/dsa-3329\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/06/21/1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/75142\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securitytracker.com/id/1032798\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2680-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2681-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2682-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2683-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2684-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1230770\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160829.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161144.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2015/dsa-3329\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2015/06/21/1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/75142\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1032798\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2680-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2681-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2682-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2683-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.ubuntu.com/usn/USN-2684-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1230770\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/torvalds/linux/commit/ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"evaluatorComment\":\"\u003ca href=\\\"http://cwe.mitre.org/data/definitions/476.html\\\"\u003eCWE-476: NULL Pointer Dereference\u003c/a\u003e\"}}"
}
}
CERTFR-2015-AVI-269
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité a été corrigée dans le noyau Linux de Fedora. Elle permet à un attaquant de provoquer un déni de service.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Noyau Linux de Fedora versions inférieures à 4.0.6-300.fc22
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eNoyau Linux de Fedora versions inf\u00e9rieures \u00e0 4.0.6-300.fc22\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2015-4692",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4692"
}
],
"links": [],
"reference": "CERTFR-2015-AVI-269",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2015-06-30T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans le \u003cspan class=\"textit\"\u003enoyau\nLinux de Fedora\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer un d\u00e9ni\nde service.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans le noyau Linux de Fedora",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fedora du 27 juin 2015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1230770"
}
]
}
CERTFR-2015-AVI-357
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans le noyau Linux de OpenSUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une exécution de code arbitraire et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
openSUSE 13.2
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eopenSUSE 13.2\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2015-4002",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4002"
},
{
"name": "CVE-2015-4692",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4692"
},
{
"name": "CVE-2015-3290",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3290"
},
{
"name": "CVE-2015-4036",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4036"
},
{
"name": "CVE-2015-2922",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2922"
},
{
"name": "CVE-2015-4700",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4700"
},
{
"name": "CVE-2015-4001",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4001"
},
{
"name": "CVE-2015-3339",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3339"
},
{
"name": "CVE-2014-9729",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9729"
},
{
"name": "CVE-2015-2041",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2041"
},
{
"name": "CVE-2014-9728",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9728"
},
{
"name": "CVE-2015-4167",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4167"
},
{
"name": "CVE-2014-9730",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9730"
},
{
"name": "CVE-2015-5366",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5366"
},
{
"name": "CVE-2015-1420",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1420"
},
{
"name": "CVE-2015-5364",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5364"
},
{
"name": "CVE-2015-1465",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1465"
},
{
"name": "CVE-2015-3212",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3212"
},
{
"name": "CVE-2014-9731",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9731"
},
{
"name": "CVE-2015-3636",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3636"
},
{
"name": "CVE-2015-4003",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4003"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 openSUSE-SU-2015:1382-1 du 14 ao\u00fbt 2015",
"url": "https://lwn.net/Articles/654531/"
}
],
"reference": "CERTFR-2015-AVI-357",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2015-08-17T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux de OpenSUSE\u003c/span\u003e. Certaines d\u0027entre\nelles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance, une ex\u00e9cution de code arbitraire et un d\u00e9ni de\nservice \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de OpenSUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 openSUSE-SU-2015:1382-1 du 14 ao\u00fbt 2015",
"url": null
}
]
}
CERTFR-2015-AVI-318
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans le noyau Linux d'Ubuntu. Elles permettent à un attaquant de provoquer un déni de service à distance, un déni de service et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 12.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 15.04",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2015-4692",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4692"
},
{
"name": "CVE-2015-4700",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4700"
},
{
"name": "CVE-2015-5366",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5366"
},
{
"name": "CVE-2015-5364",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5364"
},
{
"name": "CVE-2015-1805",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1805"
}
],
"links": [],
"reference": "CERTFR-2015-AVI-318",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2015-07-24T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le noyau Linux\nd\u0027\u003cspan class=\"textit\"\u003eUbuntu\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer un d\u00e9ni de service \u00e0 distance, un d\u00e9ni de service et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2678-1 du 23 juillet 2015",
"url": "http://www.ubuntu.com/usn/usn-2678-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2681-1 du 23 juillet 2015",
"url": "http://www.ubuntu.com/usn/usn-2681-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2679-1 du 23 juillet 2015",
"url": "http://www.ubuntu.com/usn/usn-2679-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2680-1 du 23 juillet 2015",
"url": "http://www.ubuntu.com/usn/usn-2680-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2684-1 du 23 juillet 2015",
"url": "http://www.ubuntu.com/usn/usn-2684-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2683-1 du 23 juillet 2015",
"url": "http://www.ubuntu.com/usn/usn-2683-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2682-1 du 23 juillet 2015",
"url": "http://www.ubuntu.com/usn/usn-2682-1/"
}
]
}
CERTFR-2015-AVI-357
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans le noyau Linux de OpenSUSE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une exécution de code arbitraire et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
openSUSE 13.2
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eopenSUSE 13.2\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2015-4002",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4002"
},
{
"name": "CVE-2015-4692",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4692"
},
{
"name": "CVE-2015-3290",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3290"
},
{
"name": "CVE-2015-4036",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4036"
},
{
"name": "CVE-2015-2922",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2922"
},
{
"name": "CVE-2015-4700",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4700"
},
{
"name": "CVE-2015-4001",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4001"
},
{
"name": "CVE-2015-3339",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3339"
},
{
"name": "CVE-2014-9729",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9729"
},
{
"name": "CVE-2015-2041",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2041"
},
{
"name": "CVE-2014-9728",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9728"
},
{
"name": "CVE-2015-4167",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4167"
},
{
"name": "CVE-2014-9730",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9730"
},
{
"name": "CVE-2015-5366",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5366"
},
{
"name": "CVE-2015-1420",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1420"
},
{
"name": "CVE-2015-5364",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5364"
},
{
"name": "CVE-2015-1465",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1465"
},
{
"name": "CVE-2015-3212",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3212"
},
{
"name": "CVE-2014-9731",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-9731"
},
{
"name": "CVE-2015-3636",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3636"
},
{
"name": "CVE-2015-4003",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4003"
}
],
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 openSUSE-SU-2015:1382-1 du 14 ao\u00fbt 2015",
"url": "https://lwn.net/Articles/654531/"
}
],
"reference": "CERTFR-2015-AVI-357",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2015-08-17T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003ele noyau Linux de OpenSUSE\u003c/span\u003e. Certaines d\u0027entre\nelles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code\narbitraire \u00e0 distance, une ex\u00e9cution de code arbitraire et un d\u00e9ni de\nservice \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de OpenSUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 openSUSE-SU-2015:1382-1 du 14 ao\u00fbt 2015",
"url": null
}
]
}
CERTFR-2015-AVI-318
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans le noyau Linux d'Ubuntu. Elles permettent à un attaquant de provoquer un déni de service à distance, un déni de service et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 12.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 15.04",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2015-4692",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4692"
},
{
"name": "CVE-2015-4700",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4700"
},
{
"name": "CVE-2015-5366",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5366"
},
{
"name": "CVE-2015-5364",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5364"
},
{
"name": "CVE-2015-1805",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1805"
}
],
"links": [],
"reference": "CERTFR-2015-AVI-318",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2015-07-24T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le noyau Linux\nd\u0027\u003cspan class=\"textit\"\u003eUbuntu\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer un d\u00e9ni de service \u00e0 distance, un d\u00e9ni de service et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2678-1 du 23 juillet 2015",
"url": "http://www.ubuntu.com/usn/usn-2678-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2681-1 du 23 juillet 2015",
"url": "http://www.ubuntu.com/usn/usn-2681-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2679-1 du 23 juillet 2015",
"url": "http://www.ubuntu.com/usn/usn-2679-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2680-1 du 23 juillet 2015",
"url": "http://www.ubuntu.com/usn/usn-2680-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2684-1 du 23 juillet 2015",
"url": "http://www.ubuntu.com/usn/usn-2684-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2683-1 du 23 juillet 2015",
"url": "http://www.ubuntu.com/usn/usn-2683-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-2682-1 du 23 juillet 2015",
"url": "http://www.ubuntu.com/usn/usn-2682-1/"
}
]
}
CERTFR-2015-AVI-269
Vulnerability from certfr_avis - Published: - Updated:
Une vulnérabilité a été corrigée dans le noyau Linux de Fedora. Elle permet à un attaquant de provoquer un déni de service.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Noyau Linux de Fedora versions inférieures à 4.0.6-300.fc22
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eNoyau Linux de Fedora versions inf\u00e9rieures \u00e0 4.0.6-300.fc22\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2015-4692",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4692"
}
],
"links": [],
"reference": "CERTFR-2015-AVI-269",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2015-06-30T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 corrig\u00e9e dans le \u003cspan class=\"textit\"\u003enoyau\nLinux de Fedora\u003c/span\u003e. Elle permet \u00e0 un attaquant de provoquer un d\u00e9ni\nde service.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans le noyau Linux de Fedora",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Fedora du 27 juin 2015",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1230770"
}
]
}
CERTFR-2015-AVI-331
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans le noyau Linux Debian. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, un déni de service à distance, un déni de service et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Debian Sid (unstable) versions ant\u00e9rieures \u00e0 4.1.3-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Debian",
"scada": false
}
}
},
{
"description": "Debian Wheezy (oldstable) versions ant\u00e9rieures \u00e0 3.2.68-1+deb7u3",
"product": {
"name": "N/A",
"vendor": {
"name": "Debian",
"scada": false
}
}
},
{
"description": "Debian Jessie (stable) versions ant\u00e9rieures \u00e0 3.16.7-ckt11-1+deb8u3",
"product": {
"name": "N/A",
"vendor": {
"name": "Debian",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2015-5706",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5706"
},
{
"name": "CVE-2015-4692",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4692"
},
{
"name": "CVE-2015-4700",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4700"
},
{
"name": "CVE-2015-5707",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5707"
},
{
"name": "CVE-2015-5697",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5697"
},
{
"name": "CVE-2015-1333",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1333"
},
{
"name": "CVE-2015-5366",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5366"
},
{
"name": "CVE-2015-5364",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5364"
},
{
"name": "CVE-2015-3212",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3212"
}
],
"links": [],
"reference": "CERTFR-2015-AVI-331",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2015-08-07T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le \u003cspan\nclass=\"textit\"\u003enoyau Linux Debian\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, un\nd\u00e9ni de service \u00e0 distance, un d\u00e9ni de service et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux Debian",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-3329-1 du 07 ao\u00fbt 2015",
"url": "https://www.debian.org/security/2015/dsa-3329"
}
]
}
CERTFR-2015-AVI-331
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans le noyau Linux Debian. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, un déni de service à distance, un déni de service et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Debian Sid (unstable) versions ant\u00e9rieures \u00e0 4.1.3-1",
"product": {
"name": "N/A",
"vendor": {
"name": "Debian",
"scada": false
}
}
},
{
"description": "Debian Wheezy (oldstable) versions ant\u00e9rieures \u00e0 3.2.68-1+deb7u3",
"product": {
"name": "N/A",
"vendor": {
"name": "Debian",
"scada": false
}
}
},
{
"description": "Debian Jessie (stable) versions ant\u00e9rieures \u00e0 3.16.7-ckt11-1+deb8u3",
"product": {
"name": "N/A",
"vendor": {
"name": "Debian",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2015-5706",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5706"
},
{
"name": "CVE-2015-4692",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4692"
},
{
"name": "CVE-2015-4700",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-4700"
},
{
"name": "CVE-2015-5707",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5707"
},
{
"name": "CVE-2015-5697",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5697"
},
{
"name": "CVE-2015-1333",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1333"
},
{
"name": "CVE-2015-5366",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5366"
},
{
"name": "CVE-2015-5364",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5364"
},
{
"name": "CVE-2015-3212",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3212"
}
],
"links": [],
"reference": "CERTFR-2015-AVI-331",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2015-08-07T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le \u003cspan\nclass=\"textit\"\u003enoyau Linux Debian\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, un\nd\u00e9ni de service \u00e0 distance, un d\u00e9ni de service et une atteinte \u00e0 la\nconfidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux Debian",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-3329-1 du 07 ao\u00fbt 2015",
"url": "https://www.debian.org/security/2015/dsa-3329"
}
]
}
GHSA-WQC9-VCG5-V949
Vulnerability from github – Published: 2022-05-17 00:48 – Updated: 2022-05-17 00:48
VLAI?
Details
The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call.
{
"affected": [],
"aliases": [
"CVE-2015-4692"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2015-07-27T10:59:00Z",
"severity": "MODERATE"
},
"details": "The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call.",
"id": "GHSA-wqc9-vcg5-v949",
"modified": "2022-05-17T00:48:49Z",
"published": "2022-05-17T00:48:49Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2015-4692"
},
{
"type": "WEB",
"url": "https://github.com/torvalds/linux/commit/ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1230770"
},
{
"type": "WEB",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160829.html"
},
{
"type": "WEB",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161144.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html"
},
{
"type": "WEB",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2015/dsa-3329"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2015/06/21/1"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/75142"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1032798"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-2680-1"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-2681-1"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-2682-1"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-2683-1"
},
{
"type": "WEB",
"url": "http://www.ubuntu.com/usn/USN-2684-1"
}
],
"schema_version": "1.4.0",
"severity": []
}
GSD-2015-4692
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2015-4692",
"description": "The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call.",
"id": "GSD-2015-4692",
"references": [
"https://www.suse.com/security/cve/CVE-2015-4692.html",
"https://www.debian.org/security/2015/dsa-3329",
"https://ubuntu.com/security/CVE-2015-4692",
"https://advisories.mageia.org/CVE-2015-4692.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2015-4692"
],
"details": "The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call.",
"id": "GSD-2015-4692",
"modified": "2023-12-13T01:19:59.888589Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4692",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[oss-security] 20150620 Re: CVE request -- Linux kernel - kvm: x86: NULL pointer dereference in kvm_apic_has_events function",
"refsource": "MLIST",
"url": "http://www.openwall.com/lists/oss-security/2015/06/21/1"
},
{
"name": "USN-2680-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2680-1"
},
{
"name": "USN-2682-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2682-1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1230770",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1230770"
},
{
"name": "https://github.com/torvalds/linux/commit/ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009",
"refsource": "CONFIRM",
"url": "https://github.com/torvalds/linux/commit/ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009"
},
{
"name": "SUSE-SU-2015:1324",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html"
},
{
"name": "DSA-3329",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2015/dsa-3329"
},
{
"name": "FEDORA-2015-10678",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161144.html"
},
{
"name": "openSUSE-SU-2015:1382",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
},
{
"name": "USN-2684-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2684-1"
},
{
"name": "USN-2681-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2681-1"
},
{
"name": "USN-2683-1",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/USN-2683-1"
},
{
"name": "75142",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/75142"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009",
"refsource": "CONFIRM",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009"
},
{
"name": "1032798",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1032798"
},
{
"name": "FEDORA-2015-10677",
"refsource": "FEDORA",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160829.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.1.3",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-4692"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/torvalds/linux/commit/ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009",
"refsource": "CONFIRM",
"tags": [],
"url": "https://github.com/torvalds/linux/commit/ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009"
},
{
"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009",
"refsource": "CONFIRM",
"tags": [],
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009"
},
{
"name": "[oss-security] 20150620 Re: CVE request -- Linux kernel - kvm: x86: NULL pointer dereference in kvm_apic_has_events function",
"refsource": "MLIST",
"tags": [],
"url": "http://www.openwall.com/lists/oss-security/2015/06/21/1"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1230770",
"refsource": "CONFIRM",
"tags": [
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1230770"
},
{
"name": "75142",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/75142"
},
{
"name": "FEDORA-2015-10678",
"refsource": "FEDORA",
"tags": [],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161144.html"
},
{
"name": "FEDORA-2015-10677",
"refsource": "FEDORA",
"tags": [],
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160829.html"
},
{
"name": "DSA-3329",
"refsource": "DEBIAN",
"tags": [],
"url": "http://www.debian.org/security/2015/dsa-3329"
},
{
"name": "USN-2684-1",
"refsource": "UBUNTU",
"tags": [],
"url": "http://www.ubuntu.com/usn/USN-2684-1"
},
{
"name": "USN-2683-1",
"refsource": "UBUNTU",
"tags": [],
"url": "http://www.ubuntu.com/usn/USN-2683-1"
},
{
"name": "USN-2682-1",
"refsource": "UBUNTU",
"tags": [],
"url": "http://www.ubuntu.com/usn/USN-2682-1"
},
{
"name": "USN-2681-1",
"refsource": "UBUNTU",
"tags": [],
"url": "http://www.ubuntu.com/usn/USN-2681-1"
},
{
"name": "USN-2680-1",
"refsource": "UBUNTU",
"tags": [],
"url": "http://www.ubuntu.com/usn/USN-2680-1"
},
{
"name": "openSUSE-SU-2015:1382",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
},
{
"name": "SUSE-SU-2015:1324",
"refsource": "SUSE",
"tags": [],
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html"
},
{
"name": "1032798",
"refsource": "SECTRACK",
"tags": [],
"url": "http://www.securitytracker.com/id/1032798"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": true,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2017-09-22T01:29Z",
"publishedDate": "2015-07-27T10:59Z"
}
}
}
CNVD-2015-04952
Vulnerability from cnvd - Published: 2015-07-21
VLAI Severity ?
Title
Linux kvm_apic_has_events()函数空指针引用漏洞
Description
Linux Kernel是一款开源的操作系统。
Linux Kernel kvm_apic_has_events()函数存在空指针引用漏洞,允许可访问/dev/kvm的用户使系统崩溃。
Severity
中
Patch Name
Linux kvm_apic_has_events()函数空指针引用漏洞的补丁
Patch Description
Linux Kernel是一款开源的操作系统。Linux Kernel kvm_apic_has_events()函数存在空指针引用漏洞,允许可访问/dev/kvm的用户使系统崩溃。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
用户可参考如下厂商提供的安全公告获取补丁以修复该漏洞: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/arch/x86/kvm/lapic.h?id=ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009
Reference
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/arch/x86/kvm/lapic.h?id=ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009
Impacted products
| Name | Linux Kernel |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2015-4692"
}
},
"description": "Linux Kernel\u662f\u4e00\u6b3e\u5f00\u6e90\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002\r\n\r\nLinux Kernel kvm_apic_has_events()\u51fd\u6570\u5b58\u5728\u7a7a\u6307\u9488\u5f15\u7528\u6f0f\u6d1e\uff0c\u5141\u8bb8\u53ef\u8bbf\u95ee/dev/kvm\u7684\u7528\u6237\u4f7f\u7cfb\u7edf\u5d29\u6e83\u3002",
"discovererName": "Linux",
"formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u516c\u544a\u83b7\u53d6\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttp://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/arch/x86/kvm/lapic.h?id=ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2015-04952",
"openTime": "2015-07-21",
"patchDescription": "Linux Kernel\u662f\u4e00\u6b3e\u5f00\u6e90\u7684\u64cd\u4f5c\u7cfb\u7edf\u3002Linux Kernel kvm_apic_has_events()\u51fd\u6570\u5b58\u5728\u7a7a\u6307\u9488\u5f15\u7528\u6f0f\u6d1e\uff0c\u5141\u8bb8\u53ef\u8bbf\u95ee/dev/kvm\u7684\u7528\u6237\u4f7f\u7cfb\u7edf\u5d29\u6e83\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Linux kvm_apic_has_events()\u51fd\u6570\u7a7a\u6307\u9488\u5f15\u7528\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": "Linux Kernel"
},
"referenceLink": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/arch/x86/kvm/lapic.h?id=ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009",
"serverity": "\u4e2d",
"submitTime": "2015-07-18",
"title": "Linux kvm_apic_has_events()\u51fd\u6570\u7a7a\u6307\u9488\u5f15\u7528\u6f0f\u6d1e"
}
FKIE_CVE-2015-4692
Vulnerability from fkie_nvd - Published: 2015-07-27 10:59 - Updated: 2025-04-12 10:46
Severity ?
Summary
The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009 | ||
| cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160829.html | ||
| cve@mitre.org | http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161144.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html | ||
| cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html | ||
| cve@mitre.org | http://www.debian.org/security/2015/dsa-3329 | ||
| cve@mitre.org | http://www.openwall.com/lists/oss-security/2015/06/21/1 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/75142 | ||
| cve@mitre.org | http://www.securitytracker.com/id/1032798 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/USN-2680-1 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/USN-2681-1 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/USN-2682-1 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/USN-2683-1 | ||
| cve@mitre.org | http://www.ubuntu.com/usn/USN-2684-1 | ||
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=1230770 | Vendor Advisory | |
| cve@mitre.org | https://github.com/torvalds/linux/commit/ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160829.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161144.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2015/dsa-3329 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2015/06/21/1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/75142 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1032798 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2680-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2681-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2682-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2683-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.ubuntu.com/usn/USN-2684-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=1230770 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/torvalds/linux/commit/ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C06FC91E-00B9-4165-9522-70664810FB15",
"versionEndIncluding": "4.1.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call."
},
{
"lang": "es",
"value": "Vulnerabilidad en la funci\u00f3n kvm_apic_has_events en arch/x86/kvm/lapic.h en el Kernel de Linux hasta la versi\u00f3n 4.1.3, permite a usuarios locales causar una denegaci\u00f3n de servicio (mediante la referencia a un puntero NULO y una ca\u00edda del sistema) o posiblemente tener otro impacto no especificado a trav\u00e9s del aprovechamiento de acceso a /dev/kvm para una llamada ioctl."
}
],
"evaluatorComment": "\u003ca href=\"http://cwe.mitre.org/data/definitions/476.html\"\u003eCWE-476: NULL Pointer Dereference\u003c/a\u003e",
"id": "CVE-2015-4692",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 4.9,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-07-27T10:59:00.063",
"references": [
{
"source": "cve@mitre.org",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160829.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161144.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html"
},
{
"source": "cve@mitre.org",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2015/dsa-3329"
},
{
"source": "cve@mitre.org",
"url": "http://www.openwall.com/lists/oss-security/2015/06/21/1"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/75142"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id/1032798"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2680-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2681-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2682-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2683-1"
},
{
"source": "cve@mitre.org",
"url": "http://www.ubuntu.com/usn/USN-2684-1"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1230770"
},
{
"source": "cve@mitre.org",
"url": "https://github.com/torvalds/linux/commit/ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160829.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161144.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00049.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00011.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2015/dsa-3329"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.openwall.com/lists/oss-security/2015/06/21/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/75142"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1032798"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2680-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2681-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2682-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2683-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ubuntu.com/usn/USN-2684-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1230770"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://github.com/torvalds/linux/commit/ce40cd3fc7fa40a6119e5fe6c0f2bc0eb4541009"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
SUSE-SU-2015:1324-1
Vulnerability from csaf_suse - Published: 2015-07-16 14:57 - Updated: 2015-07-16 14:57Summary
Security update for the SUSE Linux Enterprise 12 kernel
Notes
Title of the patch
Security update for the SUSE Linux Enterprise 12 kernel
Description of the patch
The SUSE Linux Enterprise 12 kernel was updated to 3.12.44 to receive various security and bugfixes.
These features were added:
- mpt2sas: Added Reply Descriptor Post Queue (RDPQ) Array support (bsc#854824).
- mpt3sas: Bump mpt3sas driver version to 04.100.00.00 (bsc#854817).
Following security bugs were fixed:
- CVE-2015-1805: iov overrun for failed atomic copy could have lead to
DoS or privilege escalation (bsc#933429).
- CVE-2015-3212: A race condition in the way the Linux kernel handled
lists of associations in SCTP sockets could have lead to list
corruption and kernel panics (bsc#936502).
- CVE-2015-4036: DoS via memory corruption in vhost/scsi driver
(bsc#931988).
- CVE-2015-4167: Linux kernel built with the UDF file
system(CONFIG_UDF_FS) support was vulnerable to a crash. It occurred
while fetching inode information from a corrupted/malicious udf file
system image (bsc#933907).
- CVE-2015-4692: DoS via NULL pointer dereference in kvm_apic_has_events
function (bsc#935542).
- CVE-2015-5364: Remote DoS via flood of UDP packets with invalid
checksums (bsc#936831).
- CVE-2015-5366: Remote DoS of EPOLLET epoll applications via flood of
UDP packets with invalid checksums (bsc#936831).
Security issues already fixed in the previous update but not referenced by CVE:
- CVE-2014-9728: Kernel built with the UDF file system(CONFIG_UDF_FS)
support were vulnerable to a crash (bsc#933904).
- CVE-2014-9729: Kernel built with the UDF file system(CONFIG_UDF_FS)
support were vulnerable to a crash (bsc#933904).
- CVE-2014-9730: Kernel built with the UDF file system(CONFIG_UDF_FS)
support were vulnerable to a crash (bsc#933904).
- CVE-2014-9731: Kernel built with the UDF file system(CONFIG_UDF_FS)
support were vulnerable to information leakage (bsc#933896).
The following non-security bugs were fixed:
- ALSA: hda - add codec ID for Skylake display audio codec (bsc#936556).
- ALSA: hda/hdmi - apply Haswell fix-ups to Skylake display codec
(bsc#936556).
- ALSA: hda_controller: Separate stream_tag for input and output streams
(bsc#936556).
- ALSA: hda_intel: add AZX_DCAPS_I915_POWERWELL for SKL and BSW
(bsc#936556).
- ALSA: hda_intel: apply the Seperate stream_tag for Skylake
(bsc#936556).
- ALSA: hda_intel: apply the Seperate stream_tag for Sunrise Point
(bsc#936556).
- Btrfs: Handle unaligned length in extent_same (bsc#937609).
- Btrfs: add missing inode item update in fallocate() (bsc#938023).
- Btrfs: check pending chunks when shrinking fs to avoid corruption
(bsc#936445).
- Btrfs: do not update mtime/ctime on deduped inodes (bsc#937616).
- Btrfs: fix block group ->space_info null pointer dereference
(bsc#935088).
- Btrfs: fix clone / extent-same deadlocks (bsc#937612).
- Btrfs: fix deadlock with extent-same and readpage (bsc#937612).
- Btrfs: fix fsync data loss after append write (bsc#936446).
- Btrfs: fix hang during inode eviction due to concurrent readahead
(bsc#935085).
- Btrfs: fix memory leak in the extent_same ioctl (bsc#937613).
- Btrfs: fix race when reusing stale extent buffers that leads to BUG_ON
(bsc#926369).
- Btrfs: fix use after free when close_ctree frees the orphan_rsv
(bsc#938022).
- Btrfs: pass unaligned length to btrfs_cmp_data() (bsc#937609).
- Btrfs: provide super_operations->inode_get_dev (bsc#927455).
- Drivers: hv: balloon: check if ha_region_mutex was acquired in
MEM_CANCEL_ONLINE case.
- Drivers: hv: fcopy: process deferred messages when we complete the
transaction.
- Drivers: hv: fcopy: rename fcopy_work -> fcopy_timeout_work.
- Drivers: hv: fcopy: set .owner reference for file operations.
- Drivers: hv: fcopy: switch to using the hvutil_device_state state
machine.
- Drivers: hv: hv_balloon: correctly handle num_pages>INT_MAX case.
- Drivers: hv: hv_balloon: correctly handle val.freeram lower than num_pages case.
- Drivers: hv: hv_balloon: do not lose memory when onlining order is not
natural.
- Drivers: hv: hv_balloon: do not online pages in offline blocks.
- Drivers: hv: hv_balloon: eliminate jumps in piecewiese linear floor
function.
- Drivers: hv: hv_balloon: eliminate the trylock path in
acquire/release_region_mutex.
- Drivers: hv: hv_balloon: keep locks balanced on add_memory() failure.
- Drivers: hv: hv_balloon: refuse to balloon below the floor.
- Drivers: hv: hv_balloon: report offline pages as being used.
- Drivers: hv: hv_balloon: survive ballooning request with num_pages=0.
- Drivers: hv: kvp: move poll_channel() to hyperv_vmbus.h.
- Drivers: hv: kvp: rename kvp_work -> kvp_timeout_work.
- Drivers: hv: kvp: reset kvp_context.
- Drivers: hv: kvp: switch to using the hvutil_device_state state
machine.
- Drivers: hv: util: Fix a bug in the KVP code. reapply upstream change
ontop of v3.12-stable change
- Drivers: hv: util: On device remove, close the channel after
de-initializing the service.
- Drivers: hv: util: introduce hv_utils_transport abstraction.
- Drivers: hv: util: introduce state machine for util drivers.
- Drivers: hv: util: move kvp/vss function declarations to
hyperv_vmbus.h.
- Drivers: hv: vmbus: Add device and vendor ID to vmbus devices.
- Drivers: hv: vmbus: Add support for VMBus panic notifier handler
(bsc#934160).
- Drivers: hv: vmbus: Add support for the NetworkDirect GUID.
- Drivers: hv: vmbus: Correcting truncation error for constant
HV_CRASH_CTL_CRASH_NOTIFY (bsc#934160).
- Drivers: hv: vmbus: Export the vmbus_sendpacket_pagebuffer_ctl().
- Drivers: hv: vmbus: Fix a bug in rescind processing in
vmbus_close_internal().
- Drivers: hv: vmbus: Fix a siganlling host signalling issue.
- Drivers: hv: vmbus: Get rid of some unnecessary messages.
- Drivers: hv: vmbus: Get rid of some unused definitions.
- Drivers: hv: vmbus: Handle both rescind and offer messages in the same
context.
- Drivers: hv: vmbus: Implement the protocol for tearing down vmbus
state.
- Drivers: hv: vmbus: Introduce a function to remove a rescinded offer.
- Drivers: hv: vmbus: Perform device register in the per-channel work
element.
- Drivers: hv: vmbus: Permit sending of packets without payload.
- Drivers: hv: vmbus: Properly handle child device remove.
- Drivers: hv: vmbus: Remove the channel from the channel list(s) on
failure.
- Drivers: hv: vmbus: Suport an API to send packet with additional
control.
- Drivers: hv: vmbus: Suport an API to send pagebuffers with additional
control.
- Drivers: hv: vmbus: Teardown clockevent devices on module unload.
- Drivers: hv: vmbus: Teardown synthetic interrupt controllers on module
unload.
- Drivers: hv: vmbus: Use a round-robin algorithm for picking the
outgoing channel.
- Drivers: hv: vmbus: Use the vp_index map even for channels bound to CPU
0.
- Drivers: hv: vmbus: avoid double kfree for device_obj.
- Drivers: hv: vmbus: briefly comment num_sc and next_oc.
- Drivers: hv: vmbus: decrease num_sc on subchannel removal.
- Drivers: hv: vmbus: distribute subchannels among all vcpus.
- Drivers: hv: vmbus: do cleanup on all vmbus_open() failure paths.
- Drivers: hv: vmbus: introduce vmbus_acpi_remove.
- Drivers: hv: vmbus: kill tasklets on module unload.
- Drivers: hv: vmbus: move init_vp_index() call to vmbus_process_offer().
- Drivers: hv: vmbus: prevent cpu offlining on newer hypervisors.
- Drivers: hv: vmbus: rename channel work queues.
- Drivers: hv: vmbus: teardown hv_vmbus_con workqueue and
vmbus_connection pages on shutdown.
- Drivers: hv: vmbus: unify calls to percpu_channel_enq().
- Drivers: hv: vmbus: unregister panic notifier on module unload.
- Drivers: hv: vmbus:Update preferred vmbus protocol version to windows
10.
- Drivers: hv: vss: process deferred messages when we complete the
transaction.
- Drivers: hv: vss: switch to using the hvutil_device_state state
machine.
- Enable CONFIG_BRIDGE_NF_EBTABLES on s390x (bsc#936012)
- Fix connection reuse when sk_error_report is used (bsc#930972).
- GHES: Carve out error queueing in a separate function (bsc#917630).
- GHES: Carve out the panic functionality (bsc#917630).
- GHES: Elliminate double-loop in the NMI handler (bsc#917630).
- GHES: Make NMI handler have a single reader (bsc#917630).
- GHES: Panic right after detection (bsc#917630).
- IB/mlx4: Fix wrong usage of IPv4 protocol for multicast attach/detach
(bsc#918618).
- Initialize hv_netvsc_packet->xmit_more to avoid transfer stalls
- KVM: PPC: BOOK3S: HV: CMA: Reserve cma region only in hypervisor mode
(bsc#908491).
- KVM: s390: virtio-ccw: Handle command rejects (bsc#931860).
- MODSIGN: loading keys from db when SecureBoot disabled (bsc#929696).
- MODSIGN: loading keys from db when SecureBoot disabled (bsc#929696).
- PCI: pciehp: Add hotplug_lock to serialize hotplug events (bsc#866911).
- Revert 'MODSIGN: loading keys from db when SecureBoot disabled'. This
reverts commit b45412d4, because it breaks legacy boot.
- SUNRPC: Report connection error values to rpc_tasks on the pending
queue (bsc#930972).
- Update s390x kabi files with netfilter change (bsc#936012)
- client MUST ignore EncryptionKeyLength if CAP_EXTENDED_SECURITY is set
(bsc#932348).
- cpufreq: pcc: Enable autoload of pcc-cpufreq for ACPI processors
(bsc#933117).
- dmapi: fix value from newer Linux strnlen_user() (bsc#932897).
- drm/i915/hsw: Fix workaround for server AUX channel clock divisor
(bsc#935918).
- drm/i915: Evict CS TLBs between batches (bsc#935918).
- drm/i915: Fix DDC probe for passive adapters (bsc#935918).
- drm/i915: Handle failure to kick out a conflicting fb driver
(bsc#935918).
- drm/i915: drop WaSetupGtModeTdRowDispatch:snb (bsc#935918).
- drm/i915: save/restore GMBUS freq across suspend/resume on gen4
(bsc#935918).
- edd: support original Phoenix EDD 3.0 information (bsc#929974).
- ext4: fix over-defensive complaint after journal abort (bsc#935174).
- fs/cifs: Fix corrupt SMB2 ioctl requests (bsc#931124).
- ftrace: add oco handling patch (bsc#924526).
- ftrace: allow architectures to specify ftrace compile options
(bsc#924526).
- ftrace: let notrace function attribute disable hotpatching if necessary
(bsc#924526).
- hugetlb, kabi: do not account hugetlb pages as NR_FILE_PAGES
(bsc#930092).
- hugetlb: do not account hugetlb pages as NR_FILE_PAGES (bsc#930092).
- hv: channel: match var type to return type of wait_for_completion.
- hv: do not schedule new works in
vmbus_onoffer()/vmbus_onoffer_rescind().
- hv: hv_balloon: match var type to return type of wait_for_completion.
- hv: hv_util: move vmbus_open() to a later place.
- hv: hypervvssd: call endmntent before call setmntent again.
- hv: no rmmod for hv_vmbus and hv_utils.
- hv: remove the per-channel workqueue.
- hv: run non-blocking message handlers in the dispatch tasklet.
- hv: vmbus: missing curly braces in vmbus_process_offer().
- hv: vmbus_free_channels(): remove the redundant free_channel().
- hv: vmbus_open(): reset the channel state on ENOMEM.
- hv: vmbus_post_msg: retry the hypercall on some transient errors.
- hv_netvsc: Allocate the receive buffer from the correct NUMA node.
- hv_netvsc: Allocate the sendbuf in a NUMA aware way.
- hv_netvsc: Clean up two unused variables.
- hv_netvsc: Cleanup the test for freeing skb when we use sendbuf
mechanism.
- hv_netvsc: Define a macro RNDIS_AND_PPI_SIZE.
- hv_netvsc: Eliminate memory allocation in the packet send path.
- hv_netvsc: Fix a bug in netvsc_start_xmit().
- hv_netvsc: Fix the packet free when it is in skb headroom.
- hv_netvsc: Implement batching in send buffer.
- hv_netvsc: Implement partial copy into send buffer.
- hv_netvsc: Use the xmit_more skb flag to optimize signaling the host.
- hv_netvsc: change member name of struct netvsc_stats.
- hv_netvsc: introduce netif-msg into netvsc module.
- hv_netvsc: remove unused variable in netvsc_send().
- hv_netvsc: remove vmbus_are_subchannels_present() in
rndis_filter_device_add().
- hv_netvsc: try linearizing big SKBs before dropping them.
- hv_netvsc: use per_cpu stats to calculate TX/RX data.
- hv_netvsc: use single existing drop path in netvsc_start_xmit.
- hv_vmbus: Add gradually increased delay for retries in
vmbus_post_msg().
- hyperv: Implement netvsc_get_channels() ethool op.
- hyperv: hyperv_fb: match wait_for_completion_timeout return type.
- iommu/amd: Handle integer overflow in dma_ops_area_alloc (bsc#931538).
- iommu/amd: Handle large pages correctly in free_pagetable (bsc#935881).
- ipr: Increase default adapter init stage change timeout (bsc#930579).
- ipv6: do not delete previously existing ECMP routes if add fails
(bsc#930399).
- ipv6: fix ECMP route replacement (bsc#930399).
- jbd2: improve error messages for inconsistent journal heads
(bsc#935174).
- jbd2: revise KERN_EMERG error messages (bsc#935174).
- kabi/severities: Add s390 symbols allowed to change in bsc#931860
- kabi: only use sops->get_inode_dev with proper fsflag.
- kernel: add panic_on_warn.
- kexec: allocate the kexec control page with KEXEC_CONTROL_MEMORY_GFP
(bsc#928131).
- kgr: fix redirection on s390x arch (bsc#903279).
- kgr: move kgr_task_in_progress() to sched.h.
- kgr: send a fake signal to all blocking tasks.
- kvm: irqchip: Break up high order allocations of kvm_irq_routing_table
(bsc#926953).
- libata: Blacklist queued TRIM on all Samsung 800-series (bsc#930599).
- mei: bus: () can be static.
- mm, thp: really limit transparent hugepage allocation to local node (VM
Performance, bsc#931620).
- mm, thp: respect MPOL_PREFERRED policy with non-local node (VM
Performance, bsc#931620).
- mm/mempolicy.c: merge alloc_hugepage_vma to alloc_pages_vma (VM
Performance, bsc#931620).
- mm/thp: allocate transparent hugepages on local node (VM Performance,
bsc#931620).
- net/mlx4_en: Call register_netdevice in the proper location
(bsc#858727).
- net/mlx4_en: Do not attempt to TX offload the outer UDP checksum for
VXLAN (bsc#858727).
- net: fib6: fib6_commit_metrics: fix potential NULL pointer dereference
(bsc#867362).
- net: introduce netdev_alloc_pcpu_stats() for drivers.
- net: ipv6: fib: do not sleep inside atomic lock (bsc#867362).
- netdev: set __percpu attribute on netdev_alloc_pcpu_stats.
- netdev_alloc_pcpu_stats: use less common iterator variable.
- netfilter: xt_NFQUEUE: fix --queue-bypass regression (bsc#935083)
- ovl: default permissions (bsc#924071).
- ovl: move s_stack_depth .
- powerpc/perf/hv-24x7: use kmem_cache instead of aligned stack
allocations (bsc#931403).
- powerpc/pseries: Correct cpu affinity for dlpar added cpus (bsc#932967).
- powerpc: Add VM_FAULT_HWPOISON handling to powerpc page fault handler
(bsc#929475).
- powerpc: Fill in si_addr_lsb siginfo field (bsc#929475).
- powerpc: Simplify do_sigbus (bsc#929475).
- reiserfs: Fix use after free in journal teardown (bsc#927697).
- rtlwifi: rtl8192cu: Fix kernel deadlock (bsc#927786).
- s390/airq: add support for irq ranges (bsc#931860).
- s390/airq: silence lockdep warning (bsc#931860).
- s390/compat,signal: change return values to -EFAULT (bsc#929879).
- s390/ftrace: hotpatch support for function tracing (bsc#924526).
- s390/irq: improve displayed interrupt order in /proc/interrupts
(bsc#931860).
- s390/kernel: use stnsm 255 instead of stosm 0 (bsc#929879).
- s390/kgr: reorganize kgr infrastructure in entry64.S.
- s390/mm: align 64-bit PIE binaries to 4GB (bsc#929879).
- s390/mm: limit STACK_RND_MASK for compat tasks (bsc#929879).
- s390/rwlock: add missing local_irq_restore calls (bsc#929879).
- s390/sclp_vt220: Fix kernel panic due to early terminal input
(bsc#931860).
- s390/smp: only send external call ipi if needed (bsc#929879).
- s390/spinlock,rwlock: always to a load-and-test first (bsc#929879).
- s390/spinlock: cleanup spinlock code (bsc#929879).
- s390/spinlock: optimize spin_unlock code (bsc#929879).
- s390/spinlock: optimize spinlock code sequence (bsc#929879).
- s390/spinlock: refactor arch_spin_lock_wait[_flags] (bsc#929879).
- s390/time: use stck clock fast for do_account_vtime (bsc#929879).
- s390: Remove zfcpdump NR_CPUS dependency (bsc#929879).
- s390: add z13 code generation support (bsc#929879).
- s390: avoid z13 cache aliasing (bsc#929879).
- s390: fix control register update (bsc#929879).
- s390: optimize control register update (bsc#929879).
- s390: z13 base performance (bsc#929879).
- sched: fix __sched_setscheduler() vs load balancing race (bsc#921430)
- scsi: retry MODE SENSE on unit attention (bsc#895814).
- scsi_dh_alua: Recheck state on unit attention (bsc#895814).
- scsi_dh_alua: fixup crash in alua_rtpg_work() (bsc#895814).
- scsi_dh_alua: parse device id instead of target id (bsc#895814).
- scsi_dh_alua: recheck RTPG in regular intervals (bsc#895814).
- scsi_dh_alua: update all port states (bsc#895814).
- sd: always retry READ CAPACITY for ALUA state transition (bsc#895814).
- st: null pointer dereference panic caused by use after kref_put by
st_open (bsc#936875).
- supported.conf: add btrfs to kernel-$flavor-base (bsc#933637)
- udf: Remove repeated loads blocksize (bsc#933907).
- usb: core: Fix USB 3.0 devices lost in NOTATTACHED state after a hub
port reset (bsc#938024).
- vTPM: set virtual device before passing to ibmvtpm_reset_crq
(bsc#937087).
- vfs: add super_operations->get_inode_dev (bsc#927455).
- virtio-ccw: virtio-ccw adapter interrupt support (bsc#931860).
- virtio-rng: do not crash if virtqueue is broken (bsc#931860).
- virtio: fail adding buffer on broken queues (bsc#931860).
- virtio: virtio_break_device() to mark all virtqueues broken
(bsc#931860).
- virtio_blk: verify if queue is broken after virtqueue_get_buf()
(bsc#931860).
- virtio_ccw: fix hang in set offline processing (bsc#931860).
- virtio_ccw: fix vcdev pointer handling issues (bsc#931860).
- virtio_ccw: introduce device_lost in virtio_ccw_device (bsc#931860).
- virtio_net: do not crash if virtqueue is broken (bsc#931860).
- virtio_net: verify if queue is broken after virtqueue_get_buf()
(bsc#931860).
- virtio_ring: adapt to notify() returning bool (bsc#931860).
- virtio_ring: add new function virtqueue_is_broken() (bsc#931860).
- virtio_ring: change host notification API (bsc#931860).
- virtio_ring: let virtqueue_{kick()/notify()} return a bool
(bsc#931860).
- virtio_ring: plug kmemleak false positive (bsc#931860).
- virtio_scsi: do not call virtqueue_add_sgs(... GFP_NOIO) holding
spinlock (bsc#931860).
- virtio_scsi: verify if queue is broken after virtqueue_get_buf()
(bsc#931860).
- vmxnet3: Bump up driver version number (bsc#936423).
- vmxnet3: Changes for vmxnet3 adapter version 2 (fwd) (bug#936423).
- vmxnet3: Fix memory leaks in rx path (fwd) (bug#936423).
- vmxnet3: Register shutdown handler for device (fwd) (bug#936423).
- x86/PCI: Use host bridge _CRS info on Foxconn K8M890-8237A
(bsc#907092).
- x86/PCI: Use host bridge _CRS info on systems with >32 bit addressing
(bsc#907092).
- x86/kgr: move kgr infrastructure from asm to C.
- x86/mm: Improve AMD Bulldozer ASLR workaround (bsc#937032).
- xfrm: release dst_orig in case of error in xfrm_lookup() (bsc#932793).
- xfs: Skip dirty pages in ->releasepage (bsc#915183).
- xfs: fix xfs_setattr for DMAPI (bsc#932900).
- xfs_dmapi: fix transaction ilocks (bsc#932899).
- xfs_dmapi: fix value from newer Linux strnlen_user() (bsc#932897).
- xfs_dmapi: xfs_dm_rdwr() uses dir file ops not file's ops (bsc#932898).
Patchnames
SUSE-SLE-DESKTOP-12-2015-356,SUSE-SLE-Live-Patching-12-2015-356,SUSE-SLE-Module-Public-Cloud-12-2015-356,SUSE-SLE-SDK-12-2015-356,SUSE-SLE-SERVER-12-2015-356,SUSE-SLE-WE-12-2015-356
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the SUSE Linux Enterprise 12 kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "The SUSE Linux Enterprise 12 kernel was updated to 3.12.44 to receive various security and bugfixes.\n\nThese features were added:\n- mpt2sas: Added Reply Descriptor Post Queue (RDPQ) Array support (bsc#854824).\n- mpt3sas: Bump mpt3sas driver version to 04.100.00.00 (bsc#854817).\n\nFollowing security bugs were fixed:\n- CVE-2015-1805: iov overrun for failed atomic copy could have lead to\n DoS or privilege escalation (bsc#933429).\n- CVE-2015-3212: A race condition in the way the Linux kernel handled\n lists of associations in SCTP sockets could have lead to list\n corruption and kernel panics (bsc#936502).\n- CVE-2015-4036: DoS via memory corruption in vhost/scsi driver\n (bsc#931988).\n- CVE-2015-4167: Linux kernel built with the UDF file\n system(CONFIG_UDF_FS) support was vulnerable to a crash. It occurred\n while fetching inode information from a corrupted/malicious udf file\n system image (bsc#933907).\n- CVE-2015-4692: DoS via NULL pointer dereference in kvm_apic_has_events\n function (bsc#935542).\n- CVE-2015-5364: Remote DoS via flood of UDP packets with invalid\n checksums (bsc#936831).\n- CVE-2015-5366: Remote DoS of EPOLLET epoll applications via flood of\n UDP packets with invalid checksums (bsc#936831).\n\nSecurity issues already fixed in the previous update but not referenced by CVE:\n- CVE-2014-9728: Kernel built with the UDF file system(CONFIG_UDF_FS)\n support were vulnerable to a crash (bsc#933904).\n- CVE-2014-9729: Kernel built with the UDF file system(CONFIG_UDF_FS)\n support were vulnerable to a crash (bsc#933904).\n- CVE-2014-9730: Kernel built with the UDF file system(CONFIG_UDF_FS)\n support were vulnerable to a crash (bsc#933904).\n- CVE-2014-9731: Kernel built with the UDF file system(CONFIG_UDF_FS)\n support were vulnerable to information leakage (bsc#933896).\n\nThe following non-security bugs were fixed:\n- ALSA: hda - add codec ID for Skylake display audio codec (bsc#936556).\n- ALSA: hda/hdmi - apply Haswell fix-ups to Skylake display codec\n (bsc#936556).\n- ALSA: hda_controller: Separate stream_tag for input and output streams\n (bsc#936556).\n- ALSA: hda_intel: add AZX_DCAPS_I915_POWERWELL for SKL and BSW\n (bsc#936556).\n- ALSA: hda_intel: apply the Seperate stream_tag for Skylake\n (bsc#936556).\n- ALSA: hda_intel: apply the Seperate stream_tag for Sunrise Point\n (bsc#936556).\n- Btrfs: Handle unaligned length in extent_same (bsc#937609).\n- Btrfs: add missing inode item update in fallocate() (bsc#938023).\n- Btrfs: check pending chunks when shrinking fs to avoid corruption\n (bsc#936445).\n- Btrfs: do not update mtime/ctime on deduped inodes (bsc#937616).\n- Btrfs: fix block group -\u003espace_info null pointer dereference\n (bsc#935088).\n- Btrfs: fix clone / extent-same deadlocks (bsc#937612).\n- Btrfs: fix deadlock with extent-same and readpage (bsc#937612).\n- Btrfs: fix fsync data loss after append write (bsc#936446).\n- Btrfs: fix hang during inode eviction due to concurrent readahead\n (bsc#935085).\n- Btrfs: fix memory leak in the extent_same ioctl (bsc#937613).\n- Btrfs: fix race when reusing stale extent buffers that leads to BUG_ON\n (bsc#926369).\n- Btrfs: fix use after free when close_ctree frees the orphan_rsv\n (bsc#938022).\n- Btrfs: pass unaligned length to btrfs_cmp_data() (bsc#937609).\n- Btrfs: provide super_operations-\u003einode_get_dev (bsc#927455).\n- Drivers: hv: balloon: check if ha_region_mutex was acquired in\n MEM_CANCEL_ONLINE case.\n- Drivers: hv: fcopy: process deferred messages when we complete the\n transaction.\n- Drivers: hv: fcopy: rename fcopy_work -\u003e fcopy_timeout_work.\n- Drivers: hv: fcopy: set .owner reference for file operations.\n- Drivers: hv: fcopy: switch to using the hvutil_device_state state\n machine.\n- Drivers: hv: hv_balloon: correctly handle num_pages\u003eINT_MAX case.\n- Drivers: hv: hv_balloon: correctly handle val.freeram lower than num_pages case.\n- Drivers: hv: hv_balloon: do not lose memory when onlining order is not\n natural.\n- Drivers: hv: hv_balloon: do not online pages in offline blocks.\n- Drivers: hv: hv_balloon: eliminate jumps in piecewiese linear floor\n function.\n- Drivers: hv: hv_balloon: eliminate the trylock path in\n acquire/release_region_mutex.\n- Drivers: hv: hv_balloon: keep locks balanced on add_memory() failure.\n- Drivers: hv: hv_balloon: refuse to balloon below the floor.\n- Drivers: hv: hv_balloon: report offline pages as being used.\n- Drivers: hv: hv_balloon: survive ballooning request with num_pages=0.\n- Drivers: hv: kvp: move poll_channel() to hyperv_vmbus.h.\n- Drivers: hv: kvp: rename kvp_work -\u003e kvp_timeout_work.\n- Drivers: hv: kvp: reset kvp_context.\n- Drivers: hv: kvp: switch to using the hvutil_device_state state\n machine.\n- Drivers: hv: util: Fix a bug in the KVP code. reapply upstream change\n ontop of v3.12-stable change\n- Drivers: hv: util: On device remove, close the channel after\n de-initializing the service.\n- Drivers: hv: util: introduce hv_utils_transport abstraction.\n- Drivers: hv: util: introduce state machine for util drivers.\n- Drivers: hv: util: move kvp/vss function declarations to\n hyperv_vmbus.h.\n- Drivers: hv: vmbus: Add device and vendor ID to vmbus devices.\n- Drivers: hv: vmbus: Add support for VMBus panic notifier handler\n (bsc#934160).\n- Drivers: hv: vmbus: Add support for the NetworkDirect GUID.\n- Drivers: hv: vmbus: Correcting truncation error for constant\n HV_CRASH_CTL_CRASH_NOTIFY (bsc#934160).\n- Drivers: hv: vmbus: Export the vmbus_sendpacket_pagebuffer_ctl().\n- Drivers: hv: vmbus: Fix a bug in rescind processing in\n vmbus_close_internal().\n- Drivers: hv: vmbus: Fix a siganlling host signalling issue.\n- Drivers: hv: vmbus: Get rid of some unnecessary messages.\n- Drivers: hv: vmbus: Get rid of some unused definitions.\n- Drivers: hv: vmbus: Handle both rescind and offer messages in the same\n context.\n- Drivers: hv: vmbus: Implement the protocol for tearing down vmbus\n state.\n- Drivers: hv: vmbus: Introduce a function to remove a rescinded offer.\n- Drivers: hv: vmbus: Perform device register in the per-channel work\n element.\n- Drivers: hv: vmbus: Permit sending of packets without payload.\n- Drivers: hv: vmbus: Properly handle child device remove.\n- Drivers: hv: vmbus: Remove the channel from the channel list(s) on\n failure.\n- Drivers: hv: vmbus: Suport an API to send packet with additional\n control.\n- Drivers: hv: vmbus: Suport an API to send pagebuffers with additional\n control.\n- Drivers: hv: vmbus: Teardown clockevent devices on module unload.\n- Drivers: hv: vmbus: Teardown synthetic interrupt controllers on module\n unload.\n- Drivers: hv: vmbus: Use a round-robin algorithm for picking the\n outgoing channel.\n- Drivers: hv: vmbus: Use the vp_index map even for channels bound to CPU\n 0.\n- Drivers: hv: vmbus: avoid double kfree for device_obj.\n- Drivers: hv: vmbus: briefly comment num_sc and next_oc.\n- Drivers: hv: vmbus: decrease num_sc on subchannel removal.\n- Drivers: hv: vmbus: distribute subchannels among all vcpus.\n- Drivers: hv: vmbus: do cleanup on all vmbus_open() failure paths.\n- Drivers: hv: vmbus: introduce vmbus_acpi_remove.\n- Drivers: hv: vmbus: kill tasklets on module unload.\n- Drivers: hv: vmbus: move init_vp_index() call to vmbus_process_offer().\n- Drivers: hv: vmbus: prevent cpu offlining on newer hypervisors.\n- Drivers: hv: vmbus: rename channel work queues.\n- Drivers: hv: vmbus: teardown hv_vmbus_con workqueue and\n vmbus_connection pages on shutdown.\n- Drivers: hv: vmbus: unify calls to percpu_channel_enq().\n- Drivers: hv: vmbus: unregister panic notifier on module unload.\n- Drivers: hv: vmbus:Update preferred vmbus protocol version to windows\n 10.\n- Drivers: hv: vss: process deferred messages when we complete the\n transaction.\n- Drivers: hv: vss: switch to using the hvutil_device_state state\n machine.\n- Enable CONFIG_BRIDGE_NF_EBTABLES on s390x (bsc#936012)\n- Fix connection reuse when sk_error_report is used (bsc#930972).\n- GHES: Carve out error queueing in a separate function (bsc#917630).\n- GHES: Carve out the panic functionality (bsc#917630).\n- GHES: Elliminate double-loop in the NMI handler (bsc#917630).\n- GHES: Make NMI handler have a single reader (bsc#917630).\n- GHES: Panic right after detection (bsc#917630).\n- IB/mlx4: Fix wrong usage of IPv4 protocol for multicast attach/detach\n (bsc#918618).\n- Initialize hv_netvsc_packet-\u003exmit_more to avoid transfer stalls\n- KVM: PPC: BOOK3S: HV: CMA: Reserve cma region only in hypervisor mode\n (bsc#908491).\n- KVM: s390: virtio-ccw: Handle command rejects (bsc#931860).\n- MODSIGN: loading keys from db when SecureBoot disabled (bsc#929696).\n- MODSIGN: loading keys from db when SecureBoot disabled (bsc#929696).\n- PCI: pciehp: Add hotplug_lock to serialize hotplug events (bsc#866911).\n- Revert \u0027MODSIGN: loading keys from db when SecureBoot disabled\u0027. This\n reverts commit b45412d4, because it breaks legacy boot.\n- SUNRPC: Report connection error values to rpc_tasks on the pending\n queue (bsc#930972).\n- Update s390x kabi files with netfilter change (bsc#936012)\n- client MUST ignore EncryptionKeyLength if CAP_EXTENDED_SECURITY is set\n (bsc#932348).\n- cpufreq: pcc: Enable autoload of pcc-cpufreq for ACPI processors\n (bsc#933117).\n- dmapi: fix value from newer Linux strnlen_user() (bsc#932897).\n- drm/i915/hsw: Fix workaround for server AUX channel clock divisor\n (bsc#935918).\n- drm/i915: Evict CS TLBs between batches (bsc#935918).\n- drm/i915: Fix DDC probe for passive adapters (bsc#935918).\n- drm/i915: Handle failure to kick out a conflicting fb driver\n (bsc#935918).\n- drm/i915: drop WaSetupGtModeTdRowDispatch:snb (bsc#935918).\n- drm/i915: save/restore GMBUS freq across suspend/resume on gen4\n (bsc#935918).\n- edd: support original Phoenix EDD 3.0 information (bsc#929974).\n- ext4: fix over-defensive complaint after journal abort (bsc#935174).\n- fs/cifs: Fix corrupt SMB2 ioctl requests (bsc#931124).\n- ftrace: add oco handling patch (bsc#924526).\n- ftrace: allow architectures to specify ftrace compile options\n (bsc#924526).\n- ftrace: let notrace function attribute disable hotpatching if necessary\n (bsc#924526).\n- hugetlb, kabi: do not account hugetlb pages as NR_FILE_PAGES\n (bsc#930092).\n- hugetlb: do not account hugetlb pages as NR_FILE_PAGES (bsc#930092).\n- hv: channel: match var type to return type of wait_for_completion.\n- hv: do not schedule new works in\n vmbus_onoffer()/vmbus_onoffer_rescind().\n- hv: hv_balloon: match var type to return type of wait_for_completion.\n- hv: hv_util: move vmbus_open() to a later place.\n- hv: hypervvssd: call endmntent before call setmntent again.\n- hv: no rmmod for hv_vmbus and hv_utils.\n- hv: remove the per-channel workqueue.\n- hv: run non-blocking message handlers in the dispatch tasklet.\n- hv: vmbus: missing curly braces in vmbus_process_offer().\n- hv: vmbus_free_channels(): remove the redundant free_channel().\n- hv: vmbus_open(): reset the channel state on ENOMEM.\n- hv: vmbus_post_msg: retry the hypercall on some transient errors.\n- hv_netvsc: Allocate the receive buffer from the correct NUMA node.\n- hv_netvsc: Allocate the sendbuf in a NUMA aware way.\n- hv_netvsc: Clean up two unused variables.\n- hv_netvsc: Cleanup the test for freeing skb when we use sendbuf\n mechanism.\n- hv_netvsc: Define a macro RNDIS_AND_PPI_SIZE.\n- hv_netvsc: Eliminate memory allocation in the packet send path.\n- hv_netvsc: Fix a bug in netvsc_start_xmit().\n- hv_netvsc: Fix the packet free when it is in skb headroom.\n- hv_netvsc: Implement batching in send buffer.\n- hv_netvsc: Implement partial copy into send buffer.\n- hv_netvsc: Use the xmit_more skb flag to optimize signaling the host.\n- hv_netvsc: change member name of struct netvsc_stats.\n- hv_netvsc: introduce netif-msg into netvsc module.\n- hv_netvsc: remove unused variable in netvsc_send().\n- hv_netvsc: remove vmbus_are_subchannels_present() in\n rndis_filter_device_add().\n- hv_netvsc: try linearizing big SKBs before dropping them.\n- hv_netvsc: use per_cpu stats to calculate TX/RX data.\n- hv_netvsc: use single existing drop path in netvsc_start_xmit.\n- hv_vmbus: Add gradually increased delay for retries in\n vmbus_post_msg().\n- hyperv: Implement netvsc_get_channels() ethool op.\n- hyperv: hyperv_fb: match wait_for_completion_timeout return type.\n- iommu/amd: Handle integer overflow in dma_ops_area_alloc (bsc#931538).\n- iommu/amd: Handle large pages correctly in free_pagetable (bsc#935881).\n- ipr: Increase default adapter init stage change timeout (bsc#930579).\n- ipv6: do not delete previously existing ECMP routes if add fails\n (bsc#930399).\n- ipv6: fix ECMP route replacement (bsc#930399).\n- jbd2: improve error messages for inconsistent journal heads\n (bsc#935174).\n- jbd2: revise KERN_EMERG error messages (bsc#935174).\n- kabi/severities: Add s390 symbols allowed to change in bsc#931860\n- kabi: only use sops-\u003eget_inode_dev with proper fsflag.\n- kernel: add panic_on_warn.\n- kexec: allocate the kexec control page with KEXEC_CONTROL_MEMORY_GFP\n (bsc#928131).\n- kgr: fix redirection on s390x arch (bsc#903279).\n- kgr: move kgr_task_in_progress() to sched.h.\n- kgr: send a fake signal to all blocking tasks.\n- kvm: irqchip: Break up high order allocations of kvm_irq_routing_table\n (bsc#926953).\n- libata: Blacklist queued TRIM on all Samsung 800-series (bsc#930599).\n- mei: bus: () can be static.\n- mm, thp: really limit transparent hugepage allocation to local node (VM\n Performance, bsc#931620).\n- mm, thp: respect MPOL_PREFERRED policy with non-local node (VM\n Performance, bsc#931620).\n- mm/mempolicy.c: merge alloc_hugepage_vma to alloc_pages_vma (VM\n Performance, bsc#931620).\n- mm/thp: allocate transparent hugepages on local node (VM Performance,\n bsc#931620).\n- net/mlx4_en: Call register_netdevice in the proper location\n (bsc#858727).\n- net/mlx4_en: Do not attempt to TX offload the outer UDP checksum for\n VXLAN (bsc#858727).\n- net: fib6: fib6_commit_metrics: fix potential NULL pointer dereference\n (bsc#867362).\n- net: introduce netdev_alloc_pcpu_stats() for drivers.\n- net: ipv6: fib: do not sleep inside atomic lock (bsc#867362).\n- netdev: set __percpu attribute on netdev_alloc_pcpu_stats.\n- netdev_alloc_pcpu_stats: use less common iterator variable.\n- netfilter: xt_NFQUEUE: fix --queue-bypass regression (bsc#935083)\n- ovl: default permissions (bsc#924071).\n- ovl: move s_stack_depth .\n- powerpc/perf/hv-24x7: use kmem_cache instead of aligned stack\n allocations (bsc#931403).\n- powerpc/pseries: Correct cpu affinity for dlpar added cpus (bsc#932967).\n- powerpc: Add VM_FAULT_HWPOISON handling to powerpc page fault handler\n (bsc#929475).\n- powerpc: Fill in si_addr_lsb siginfo field (bsc#929475).\n- powerpc: Simplify do_sigbus (bsc#929475).\n- reiserfs: Fix use after free in journal teardown (bsc#927697).\n- rtlwifi: rtl8192cu: Fix kernel deadlock (bsc#927786).\n- s390/airq: add support for irq ranges (bsc#931860).\n- s390/airq: silence lockdep warning (bsc#931860).\n- s390/compat,signal: change return values to -EFAULT (bsc#929879).\n- s390/ftrace: hotpatch support for function tracing (bsc#924526).\n- s390/irq: improve displayed interrupt order in /proc/interrupts\n (bsc#931860).\n- s390/kernel: use stnsm 255 instead of stosm 0 (bsc#929879).\n- s390/kgr: reorganize kgr infrastructure in entry64.S.\n- s390/mm: align 64-bit PIE binaries to 4GB (bsc#929879).\n- s390/mm: limit STACK_RND_MASK for compat tasks (bsc#929879).\n- s390/rwlock: add missing local_irq_restore calls (bsc#929879).\n- s390/sclp_vt220: Fix kernel panic due to early terminal input\n (bsc#931860).\n- s390/smp: only send external call ipi if needed (bsc#929879).\n- s390/spinlock,rwlock: always to a load-and-test first (bsc#929879).\n- s390/spinlock: cleanup spinlock code (bsc#929879).\n- s390/spinlock: optimize spin_unlock code (bsc#929879).\n- s390/spinlock: optimize spinlock code sequence (bsc#929879).\n- s390/spinlock: refactor arch_spin_lock_wait[_flags] (bsc#929879).\n- s390/time: use stck clock fast for do_account_vtime (bsc#929879).\n- s390: Remove zfcpdump NR_CPUS dependency (bsc#929879).\n- s390: add z13 code generation support (bsc#929879).\n- s390: avoid z13 cache aliasing (bsc#929879).\n- s390: fix control register update (bsc#929879).\n- s390: optimize control register update (bsc#929879).\n- s390: z13 base performance (bsc#929879).\n- sched: fix __sched_setscheduler() vs load balancing race (bsc#921430)\n- scsi: retry MODE SENSE on unit attention (bsc#895814).\n- scsi_dh_alua: Recheck state on unit attention (bsc#895814).\n- scsi_dh_alua: fixup crash in alua_rtpg_work() (bsc#895814).\n- scsi_dh_alua: parse device id instead of target id (bsc#895814).\n- scsi_dh_alua: recheck RTPG in regular intervals (bsc#895814).\n- scsi_dh_alua: update all port states (bsc#895814).\n- sd: always retry READ CAPACITY for ALUA state transition (bsc#895814).\n- st: null pointer dereference panic caused by use after kref_put by\n st_open (bsc#936875).\n- supported.conf: add btrfs to kernel-$flavor-base (bsc#933637)\n- udf: Remove repeated loads blocksize (bsc#933907).\n- usb: core: Fix USB 3.0 devices lost in NOTATTACHED state after a hub\n port reset (bsc#938024).\n- vTPM: set virtual device before passing to ibmvtpm_reset_crq\n (bsc#937087).\n- vfs: add super_operations-\u003eget_inode_dev (bsc#927455).\n- virtio-ccw: virtio-ccw adapter interrupt support (bsc#931860).\n- virtio-rng: do not crash if virtqueue is broken (bsc#931860).\n- virtio: fail adding buffer on broken queues (bsc#931860).\n- virtio: virtio_break_device() to mark all virtqueues broken\n (bsc#931860).\n- virtio_blk: verify if queue is broken after virtqueue_get_buf()\n (bsc#931860).\n- virtio_ccw: fix hang in set offline processing (bsc#931860).\n- virtio_ccw: fix vcdev pointer handling issues (bsc#931860).\n- virtio_ccw: introduce device_lost in virtio_ccw_device (bsc#931860).\n- virtio_net: do not crash if virtqueue is broken (bsc#931860).\n- virtio_net: verify if queue is broken after virtqueue_get_buf()\n (bsc#931860).\n- virtio_ring: adapt to notify() returning bool (bsc#931860).\n- virtio_ring: add new function virtqueue_is_broken() (bsc#931860).\n- virtio_ring: change host notification API (bsc#931860).\n- virtio_ring: let virtqueue_{kick()/notify()} return a bool\n (bsc#931860).\n- virtio_ring: plug kmemleak false positive (bsc#931860).\n- virtio_scsi: do not call virtqueue_add_sgs(... GFP_NOIO) holding\n spinlock (bsc#931860).\n- virtio_scsi: verify if queue is broken after virtqueue_get_buf()\n (bsc#931860).\n- vmxnet3: Bump up driver version number (bsc#936423).\n- vmxnet3: Changes for vmxnet3 adapter version 2 (fwd) (bug#936423).\n- vmxnet3: Fix memory leaks in rx path (fwd) (bug#936423).\n- vmxnet3: Register shutdown handler for device (fwd) (bug#936423).\n- x86/PCI: Use host bridge _CRS info on Foxconn K8M890-8237A\n (bsc#907092).\n- x86/PCI: Use host bridge _CRS info on systems with \u003e32 bit addressing\n (bsc#907092).\n- x86/kgr: move kgr infrastructure from asm to C.\n- x86/mm: Improve AMD Bulldozer ASLR workaround (bsc#937032).\n- xfrm: release dst_orig in case of error in xfrm_lookup() (bsc#932793).\n- xfs: Skip dirty pages in -\u003ereleasepage (bsc#915183).\n- xfs: fix xfs_setattr for DMAPI (bsc#932900).\n- xfs_dmapi: fix transaction ilocks (bsc#932899).\n- xfs_dmapi: fix value from newer Linux strnlen_user() (bsc#932897).\n- xfs_dmapi: xfs_dm_rdwr() uses dir file ops not file\u0027s ops (bsc#932898).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-DESKTOP-12-2015-356,SUSE-SLE-Live-Patching-12-2015-356,SUSE-SLE-Module-Public-Cloud-12-2015-356,SUSE-SLE-SDK-12-2015-356,SUSE-SLE-SERVER-12-2015-356,SUSE-SLE-WE-12-2015-356",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2015_1324-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2015:1324-1",
"url": "https://www.suse.com/support/update/announcement/2015/suse-su-20151324-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2015:1324-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2015-July/001518.html"
},
{
"category": "self",
"summary": "SUSE Bug 854817",
"url": "https://bugzilla.suse.com/854817"
},
{
"category": "self",
"summary": "SUSE Bug 854824",
"url": "https://bugzilla.suse.com/854824"
},
{
"category": "self",
"summary": "SUSE Bug 858727",
"url": "https://bugzilla.suse.com/858727"
},
{
"category": "self",
"summary": "SUSE Bug 866911",
"url": "https://bugzilla.suse.com/866911"
},
{
"category": "self",
"summary": "SUSE Bug 867362",
"url": "https://bugzilla.suse.com/867362"
},
{
"category": "self",
"summary": "SUSE Bug 895814",
"url": "https://bugzilla.suse.com/895814"
},
{
"category": "self",
"summary": "SUSE Bug 903279",
"url": "https://bugzilla.suse.com/903279"
},
{
"category": "self",
"summary": "SUSE Bug 907092",
"url": "https://bugzilla.suse.com/907092"
},
{
"category": "self",
"summary": "SUSE Bug 908491",
"url": "https://bugzilla.suse.com/908491"
},
{
"category": "self",
"summary": "SUSE Bug 915183",
"url": "https://bugzilla.suse.com/915183"
},
{
"category": "self",
"summary": "SUSE Bug 917630",
"url": "https://bugzilla.suse.com/917630"
},
{
"category": "self",
"summary": "SUSE Bug 918618",
"url": "https://bugzilla.suse.com/918618"
},
{
"category": "self",
"summary": "SUSE Bug 921430",
"url": "https://bugzilla.suse.com/921430"
},
{
"category": "self",
"summary": "SUSE Bug 924071",
"url": "https://bugzilla.suse.com/924071"
},
{
"category": "self",
"summary": "SUSE Bug 924526",
"url": "https://bugzilla.suse.com/924526"
},
{
"category": "self",
"summary": "SUSE Bug 926369",
"url": "https://bugzilla.suse.com/926369"
},
{
"category": "self",
"summary": "SUSE Bug 926953",
"url": "https://bugzilla.suse.com/926953"
},
{
"category": "self",
"summary": "SUSE Bug 927455",
"url": "https://bugzilla.suse.com/927455"
},
{
"category": "self",
"summary": "SUSE Bug 927697",
"url": "https://bugzilla.suse.com/927697"
},
{
"category": "self",
"summary": "SUSE Bug 927786",
"url": "https://bugzilla.suse.com/927786"
},
{
"category": "self",
"summary": "SUSE Bug 928131",
"url": "https://bugzilla.suse.com/928131"
},
{
"category": "self",
"summary": "SUSE Bug 929475",
"url": "https://bugzilla.suse.com/929475"
},
{
"category": "self",
"summary": "SUSE Bug 929696",
"url": "https://bugzilla.suse.com/929696"
},
{
"category": "self",
"summary": "SUSE Bug 929879",
"url": "https://bugzilla.suse.com/929879"
},
{
"category": "self",
"summary": "SUSE Bug 929974",
"url": "https://bugzilla.suse.com/929974"
},
{
"category": "self",
"summary": "SUSE Bug 930092",
"url": "https://bugzilla.suse.com/930092"
},
{
"category": "self",
"summary": "SUSE Bug 930399",
"url": "https://bugzilla.suse.com/930399"
},
{
"category": "self",
"summary": "SUSE Bug 930579",
"url": "https://bugzilla.suse.com/930579"
},
{
"category": "self",
"summary": "SUSE Bug 930599",
"url": "https://bugzilla.suse.com/930599"
},
{
"category": "self",
"summary": "SUSE Bug 930972",
"url": "https://bugzilla.suse.com/930972"
},
{
"category": "self",
"summary": "SUSE Bug 931124",
"url": "https://bugzilla.suse.com/931124"
},
{
"category": "self",
"summary": "SUSE Bug 931403",
"url": "https://bugzilla.suse.com/931403"
},
{
"category": "self",
"summary": "SUSE Bug 931538",
"url": "https://bugzilla.suse.com/931538"
},
{
"category": "self",
"summary": "SUSE Bug 931620",
"url": "https://bugzilla.suse.com/931620"
},
{
"category": "self",
"summary": "SUSE Bug 931860",
"url": "https://bugzilla.suse.com/931860"
},
{
"category": "self",
"summary": "SUSE Bug 931988",
"url": "https://bugzilla.suse.com/931988"
},
{
"category": "self",
"summary": "SUSE Bug 932348",
"url": "https://bugzilla.suse.com/932348"
},
{
"category": "self",
"summary": "SUSE Bug 932793",
"url": "https://bugzilla.suse.com/932793"
},
{
"category": "self",
"summary": "SUSE Bug 932897",
"url": "https://bugzilla.suse.com/932897"
},
{
"category": "self",
"summary": "SUSE Bug 932898",
"url": "https://bugzilla.suse.com/932898"
},
{
"category": "self",
"summary": "SUSE Bug 932899",
"url": "https://bugzilla.suse.com/932899"
},
{
"category": "self",
"summary": "SUSE Bug 932900",
"url": "https://bugzilla.suse.com/932900"
},
{
"category": "self",
"summary": "SUSE Bug 932967",
"url": "https://bugzilla.suse.com/932967"
},
{
"category": "self",
"summary": "SUSE Bug 933117",
"url": "https://bugzilla.suse.com/933117"
},
{
"category": "self",
"summary": "SUSE Bug 933429",
"url": "https://bugzilla.suse.com/933429"
},
{
"category": "self",
"summary": "SUSE Bug 933637",
"url": "https://bugzilla.suse.com/933637"
},
{
"category": "self",
"summary": "SUSE Bug 933896",
"url": "https://bugzilla.suse.com/933896"
},
{
"category": "self",
"summary": "SUSE Bug 933904",
"url": "https://bugzilla.suse.com/933904"
},
{
"category": "self",
"summary": "SUSE Bug 933907",
"url": "https://bugzilla.suse.com/933907"
},
{
"category": "self",
"summary": "SUSE Bug 934160",
"url": "https://bugzilla.suse.com/934160"
},
{
"category": "self",
"summary": "SUSE Bug 935083",
"url": "https://bugzilla.suse.com/935083"
},
{
"category": "self",
"summary": "SUSE Bug 935085",
"url": "https://bugzilla.suse.com/935085"
},
{
"category": "self",
"summary": "SUSE Bug 935088",
"url": "https://bugzilla.suse.com/935088"
},
{
"category": "self",
"summary": "SUSE Bug 935174",
"url": "https://bugzilla.suse.com/935174"
},
{
"category": "self",
"summary": "SUSE Bug 935542",
"url": "https://bugzilla.suse.com/935542"
},
{
"category": "self",
"summary": "SUSE Bug 935881",
"url": "https://bugzilla.suse.com/935881"
},
{
"category": "self",
"summary": "SUSE Bug 935918",
"url": "https://bugzilla.suse.com/935918"
},
{
"category": "self",
"summary": "SUSE Bug 936012",
"url": "https://bugzilla.suse.com/936012"
},
{
"category": "self",
"summary": "SUSE Bug 936423",
"url": "https://bugzilla.suse.com/936423"
},
{
"category": "self",
"summary": "SUSE Bug 936445",
"url": "https://bugzilla.suse.com/936445"
},
{
"category": "self",
"summary": "SUSE Bug 936446",
"url": "https://bugzilla.suse.com/936446"
},
{
"category": "self",
"summary": "SUSE Bug 936502",
"url": "https://bugzilla.suse.com/936502"
},
{
"category": "self",
"summary": "SUSE Bug 936556",
"url": "https://bugzilla.suse.com/936556"
},
{
"category": "self",
"summary": "SUSE Bug 936831",
"url": "https://bugzilla.suse.com/936831"
},
{
"category": "self",
"summary": "SUSE Bug 936875",
"url": "https://bugzilla.suse.com/936875"
},
{
"category": "self",
"summary": "SUSE Bug 937032",
"url": "https://bugzilla.suse.com/937032"
},
{
"category": "self",
"summary": "SUSE Bug 937087",
"url": "https://bugzilla.suse.com/937087"
},
{
"category": "self",
"summary": "SUSE Bug 937609",
"url": "https://bugzilla.suse.com/937609"
},
{
"category": "self",
"summary": "SUSE Bug 937612",
"url": "https://bugzilla.suse.com/937612"
},
{
"category": "self",
"summary": "SUSE Bug 937613",
"url": "https://bugzilla.suse.com/937613"
},
{
"category": "self",
"summary": "SUSE Bug 937616",
"url": "https://bugzilla.suse.com/937616"
},
{
"category": "self",
"summary": "SUSE Bug 938022",
"url": "https://bugzilla.suse.com/938022"
},
{
"category": "self",
"summary": "SUSE Bug 938023",
"url": "https://bugzilla.suse.com/938023"
},
{
"category": "self",
"summary": "SUSE Bug 938024",
"url": "https://bugzilla.suse.com/938024"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9728 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9728/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9729 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9729/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9730 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9730/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-9731 page",
"url": "https://www.suse.com/security/cve/CVE-2014-9731/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-1805 page",
"url": "https://www.suse.com/security/cve/CVE-2015-1805/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-3212 page",
"url": "https://www.suse.com/security/cve/CVE-2015-3212/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4036 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4167 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4167/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-4692 page",
"url": "https://www.suse.com/security/cve/CVE-2015-4692/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5364 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5364/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2015-5366 page",
"url": "https://www.suse.com/security/cve/CVE-2015-5366/"
}
],
"title": "Security update for the SUSE Linux Enterprise 12 kernel",
"tracking": {
"current_release_date": "2015-07-16T14:57:20Z",
"generator": {
"date": "2015-07-16T14:57:20Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2015:1324-1",
"initial_release_date": "2015-07-16T14:57:20Z",
"revision_history": [
{
"date": "2015-07-16T14:57:20Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-3.12.44-52.10.1.noarch",
"product": {
"name": "kernel-devel-3.12.44-52.10.1.noarch",
"product_id": "kernel-devel-3.12.44-52.10.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-3.12.44-52.10.1.noarch",
"product": {
"name": "kernel-macros-3.12.44-52.10.1.noarch",
"product_id": "kernel-macros-3.12.44-52.10.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-3.12.44-52.10.1.noarch",
"product": {
"name": "kernel-source-3.12.44-52.10.1.noarch",
"product_id": "kernel-source-3.12.44-52.10.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-docs-3.12.44-52.10.3.noarch",
"product": {
"name": "kernel-docs-3.12.44-52.10.3.noarch",
"product_id": "kernel-docs-3.12.44-52.10.3.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-obs-build-3.12.44-52.10.1.ppc64le",
"product": {
"name": "kernel-obs-build-3.12.44-52.10.1.ppc64le",
"product_id": "kernel-obs-build-3.12.44-52.10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-3.12.44-52.10.1.ppc64le",
"product": {
"name": "kernel-default-3.12.44-52.10.1.ppc64le",
"product_id": "kernel-default-3.12.44-52.10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.44-52.10.1.ppc64le",
"product": {
"name": "kernel-default-base-3.12.44-52.10.1.ppc64le",
"product_id": "kernel-default-base-3.12.44-52.10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.44-52.10.1.ppc64le",
"product": {
"name": "kernel-default-devel-3.12.44-52.10.1.ppc64le",
"product_id": "kernel-default-devel-3.12.44-52.10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.44-52.10.1.ppc64le",
"product": {
"name": "kernel-syms-3.12.44-52.10.1.ppc64le",
"product_id": "kernel-syms-3.12.44-52.10.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-obs-build-3.12.44-52.10.1.s390x",
"product": {
"name": "kernel-obs-build-3.12.44-52.10.1.s390x",
"product_id": "kernel-obs-build-3.12.44-52.10.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-3.12.44-52.10.1.s390x",
"product": {
"name": "kernel-default-3.12.44-52.10.1.s390x",
"product_id": "kernel-default-3.12.44-52.10.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.44-52.10.1.s390x",
"product": {
"name": "kernel-default-base-3.12.44-52.10.1.s390x",
"product_id": "kernel-default-base-3.12.44-52.10.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.44-52.10.1.s390x",
"product": {
"name": "kernel-default-devel-3.12.44-52.10.1.s390x",
"product_id": "kernel-default-devel-3.12.44-52.10.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-3.12.44-52.10.1.s390x",
"product": {
"name": "kernel-default-man-3.12.44-52.10.1.s390x",
"product_id": "kernel-default-man-3.12.44-52.10.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.44-52.10.1.s390x",
"product": {
"name": "kernel-syms-3.12.44-52.10.1.s390x",
"product_id": "kernel-syms-3.12.44-52.10.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.12.44-52.10.1.x86_64",
"product": {
"name": "kernel-default-3.12.44-52.10.1.x86_64",
"product_id": "kernel-default-3.12.44-52.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.44-52.10.1.x86_64",
"product": {
"name": "kernel-default-devel-3.12.44-52.10.1.x86_64",
"product_id": "kernel-default-devel-3.12.44-52.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-extra-3.12.44-52.10.1.x86_64",
"product": {
"name": "kernel-default-extra-3.12.44-52.10.1.x86_64",
"product_id": "kernel-default-extra-3.12.44-52.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.44-52.10.1.x86_64",
"product": {
"name": "kernel-syms-3.12.44-52.10.1.x86_64",
"product_id": "kernel-syms-3.12.44-52.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.12.44-52.10.1.x86_64",
"product": {
"name": "kernel-xen-3.12.44-52.10.1.x86_64",
"product_id": "kernel-xen-3.12.44-52.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.12.44-52.10.1.x86_64",
"product": {
"name": "kernel-xen-devel-3.12.44-52.10.1.x86_64",
"product_id": "kernel-xen-devel-3.12.44-52.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64",
"product_id": "kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64",
"product_id": "kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-3.12.44-52.10.1.x86_64",
"product": {
"name": "kernel-ec2-3.12.44-52.10.1.x86_64",
"product_id": "kernel-ec2-3.12.44-52.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-devel-3.12.44-52.10.1.x86_64",
"product": {
"name": "kernel-ec2-devel-3.12.44-52.10.1.x86_64",
"product_id": "kernel-ec2-devel-3.12.44-52.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-extra-3.12.44-52.10.1.x86_64",
"product": {
"name": "kernel-ec2-extra-3.12.44-52.10.1.x86_64",
"product_id": "kernel-ec2-extra-3.12.44-52.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-obs-build-3.12.44-52.10.1.x86_64",
"product": {
"name": "kernel-obs-build-3.12.44-52.10.1.x86_64",
"product_id": "kernel-obs-build-3.12.44-52.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.44-52.10.1.x86_64",
"product": {
"name": "kernel-default-base-3.12.44-52.10.1.x86_64",
"product_id": "kernel-default-base-3.12.44-52.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.12.44-52.10.1.x86_64",
"product": {
"name": "kernel-xen-base-3.12.44-52.10.1.x86_64",
"product_id": "kernel-xen-base-3.12.44-52.10.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Desktop 12",
"product": {
"name": "SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sled:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Live Patching 12",
"product": {
"name": "SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-live-patching:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12",
"product": {
"name": "SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 12",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 12",
"product_id": "SUSE Linux Enterprise Workstation Extension 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.44-52.10.1.x86_64 as component of SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12:kernel-default-3.12.44-52.10.1.x86_64"
},
"product_reference": "kernel-default-3.12.44-52.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.44-52.10.1.x86_64 as component of SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.44-52.10.1.x86_64"
},
"product_reference": "kernel-default-devel-3.12.44-52.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-3.12.44-52.10.1.x86_64 as component of SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.44-52.10.1.x86_64"
},
"product_reference": "kernel-default-extra-3.12.44-52.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-3.12.44-52.10.1.noarch as component of SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.44-52.10.1.noarch"
},
"product_reference": "kernel-devel-3.12.44-52.10.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-3.12.44-52.10.1.noarch as component of SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.44-52.10.1.noarch"
},
"product_reference": "kernel-macros-3.12.44-52.10.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.12.44-52.10.1.noarch as component of SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12:kernel-source-3.12.44-52.10.1.noarch"
},
"product_reference": "kernel-source-3.12.44-52.10.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.44-52.10.1.x86_64 as component of SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.44-52.10.1.x86_64"
},
"product_reference": "kernel-syms-3.12.44-52.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.12.44-52.10.1.x86_64 as component of SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.44-52.10.1.x86_64"
},
"product_reference": "kernel-xen-3.12.44-52.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.12.44-52.10.1.x86_64 as component of SUSE Linux Enterprise Desktop 12",
"product_id": "SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.44-52.10.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.12.44-52.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64 as component of SUSE Linux Enterprise Live Patching 12",
"product_id": "SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Live Patching 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-3.12.44-52.10.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.44-52.10.1.x86_64"
},
"product_reference": "kernel-ec2-3.12.44-52.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-devel-3.12.44-52.10.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.44-52.10.1.x86_64"
},
"product_reference": "kernel-ec2-devel-3.12.44-52.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-extra-3.12.44-52.10.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.44-52.10.1.x86_64"
},
"product_reference": "kernel-ec2-extra-3.12.44-52.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-docs-3.12.44-52.10.3.noarch as component of SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.44-52.10.3.noarch"
},
"product_reference": "kernel-docs-3.12.44-52.10.3.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-3.12.44-52.10.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.ppc64le"
},
"product_reference": "kernel-obs-build-3.12.44-52.10.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-3.12.44-52.10.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.s390x"
},
"product_reference": "kernel-obs-build-3.12.44-52.10.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-obs-build-3.12.44-52.10.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12",
"product_id": "SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.x86_64"
},
"product_reference": "kernel-obs-build-3.12.44-52.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.44-52.10.1.ppc64le as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.ppc64le"
},
"product_reference": "kernel-default-3.12.44-52.10.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.44-52.10.1.s390x as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.s390x"
},
"product_reference": "kernel-default-3.12.44-52.10.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.44-52.10.1.x86_64 as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.x86_64"
},
"product_reference": "kernel-default-3.12.44-52.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.44-52.10.1.ppc64le as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.ppc64le"
},
"product_reference": "kernel-default-base-3.12.44-52.10.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.44-52.10.1.s390x as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.s390x"
},
"product_reference": "kernel-default-base-3.12.44-52.10.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.44-52.10.1.x86_64 as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.x86_64"
},
"product_reference": "kernel-default-base-3.12.44-52.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.44-52.10.1.ppc64le as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.ppc64le"
},
"product_reference": "kernel-default-devel-3.12.44-52.10.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.44-52.10.1.s390x as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.s390x"
},
"product_reference": "kernel-default-devel-3.12.44-52.10.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.44-52.10.1.x86_64 as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.x86_64"
},
"product_reference": "kernel-default-devel-3.12.44-52.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-3.12.44-52.10.1.s390x as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-default-man-3.12.44-52.10.1.s390x"
},
"product_reference": "kernel-default-man-3.12.44-52.10.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-3.12.44-52.10.1.noarch as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-devel-3.12.44-52.10.1.noarch"
},
"product_reference": "kernel-devel-3.12.44-52.10.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-3.12.44-52.10.1.noarch as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-macros-3.12.44-52.10.1.noarch"
},
"product_reference": "kernel-macros-3.12.44-52.10.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.12.44-52.10.1.noarch as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-source-3.12.44-52.10.1.noarch"
},
"product_reference": "kernel-source-3.12.44-52.10.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.44-52.10.1.ppc64le as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.ppc64le"
},
"product_reference": "kernel-syms-3.12.44-52.10.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.44-52.10.1.s390x as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.s390x"
},
"product_reference": "kernel-syms-3.12.44-52.10.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.44-52.10.1.x86_64 as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.x86_64"
},
"product_reference": "kernel-syms-3.12.44-52.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.12.44-52.10.1.x86_64 as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-xen-3.12.44-52.10.1.x86_64"
},
"product_reference": "kernel-xen-3.12.44-52.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.12.44-52.10.1.x86_64 as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.44-52.10.1.x86_64"
},
"product_reference": "kernel-xen-base-3.12.44-52.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.12.44-52.10.1.x86_64 as component of SUSE Linux Enterprise Server 12",
"product_id": "SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.44-52.10.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.12.44-52.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.44-52.10.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.ppc64le"
},
"product_reference": "kernel-default-3.12.44-52.10.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.44-52.10.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.s390x"
},
"product_reference": "kernel-default-3.12.44-52.10.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.44-52.10.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.x86_64"
},
"product_reference": "kernel-default-3.12.44-52.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.44-52.10.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.ppc64le"
},
"product_reference": "kernel-default-base-3.12.44-52.10.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.44-52.10.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.s390x"
},
"product_reference": "kernel-default-base-3.12.44-52.10.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.44-52.10.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.x86_64"
},
"product_reference": "kernel-default-base-3.12.44-52.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.44-52.10.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.ppc64le"
},
"product_reference": "kernel-default-devel-3.12.44-52.10.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.44-52.10.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.s390x"
},
"product_reference": "kernel-default-devel-3.12.44-52.10.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.44-52.10.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.x86_64"
},
"product_reference": "kernel-default-devel-3.12.44-52.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-3.12.44-52.10.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.44-52.10.1.s390x"
},
"product_reference": "kernel-default-man-3.12.44-52.10.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-3.12.44-52.10.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.44-52.10.1.noarch"
},
"product_reference": "kernel-devel-3.12.44-52.10.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-3.12.44-52.10.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.44-52.10.1.noarch"
},
"product_reference": "kernel-macros-3.12.44-52.10.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.12.44-52.10.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.44-52.10.1.noarch"
},
"product_reference": "kernel-source-3.12.44-52.10.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.44-52.10.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.ppc64le"
},
"product_reference": "kernel-syms-3.12.44-52.10.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.44-52.10.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.s390x"
},
"product_reference": "kernel-syms-3.12.44-52.10.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.44-52.10.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.x86_64"
},
"product_reference": "kernel-syms-3.12.44-52.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.12.44-52.10.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.44-52.10.1.x86_64"
},
"product_reference": "kernel-xen-3.12.44-52.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.12.44-52.10.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.44-52.10.1.x86_64"
},
"product_reference": "kernel-xen-base-3.12.44-52.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.12.44-52.10.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.44-52.10.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.12.44-52.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-extra-3.12.44-52.10.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 12",
"product_id": "SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.44-52.10.1.x86_64"
},
"product_reference": "kernel-default-extra-3.12.44-52.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-9728",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9728"
}
],
"notes": [
{
"category": "general",
"text": "The UDF filesystem implementation in the Linux kernel before 3.18.2 does not validate certain lengths, which allows local users to cause a denial of service (buffer over-read and system crash) via a crafted filesystem image, related to fs/udf/inode.c and fs/udf/symlink.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.44-52.10.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.44-52.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9728",
"url": "https://www.suse.com/security/cve/CVE-2014-9728"
},
{
"category": "external",
"summary": "SUSE Bug 911325 for CVE-2014-9728",
"url": "https://bugzilla.suse.com/911325"
},
{
"category": "external",
"summary": "SUSE Bug 933904 for CVE-2014-9728",
"url": "https://bugzilla.suse.com/933904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.44-52.10.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.44-52.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-07-16T14:57:20Z",
"details": "low"
}
],
"title": "CVE-2014-9728"
},
{
"cve": "CVE-2014-9729",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9729"
}
],
"notes": [
{
"category": "general",
"text": "The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.18.2 does not ensure a certain data-structure size consistency, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.44-52.10.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.44-52.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9729",
"url": "https://www.suse.com/security/cve/CVE-2014-9729"
},
{
"category": "external",
"summary": "SUSE Bug 911325 for CVE-2014-9729",
"url": "https://bugzilla.suse.com/911325"
},
{
"category": "external",
"summary": "SUSE Bug 933904 for CVE-2014-9729",
"url": "https://bugzilla.suse.com/933904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.44-52.10.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.44-52.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-07-16T14:57:20Z",
"details": "low"
}
],
"title": "CVE-2014-9729"
},
{
"cve": "CVE-2014-9730",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9730"
}
],
"notes": [
{
"category": "general",
"text": "The udf_pc_to_char function in fs/udf/symlink.c in the Linux kernel before 3.18.2 relies on component lengths that are unused, which allows local users to cause a denial of service (system crash) via a crafted UDF filesystem image.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.44-52.10.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.44-52.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9730",
"url": "https://www.suse.com/security/cve/CVE-2014-9730"
},
{
"category": "external",
"summary": "SUSE Bug 911325 for CVE-2014-9730",
"url": "https://bugzilla.suse.com/911325"
},
{
"category": "external",
"summary": "SUSE Bug 933904 for CVE-2014-9730",
"url": "https://bugzilla.suse.com/933904"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.44-52.10.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.44-52.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-07-16T14:57:20Z",
"details": "low"
}
],
"title": "CVE-2014-9730"
},
{
"cve": "CVE-2014-9731",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-9731"
}
],
"notes": [
{
"category": "general",
"text": "The UDF filesystem implementation in the Linux kernel before 3.18.2 does not ensure that space is available for storing a symlink target\u0027s name along with a trailing \\0 character, which allows local users to obtain sensitive information via a crafted filesystem image, related to fs/udf/symlink.c and fs/udf/unicode.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.44-52.10.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.44-52.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-9731",
"url": "https://www.suse.com/security/cve/CVE-2014-9731"
},
{
"category": "external",
"summary": "SUSE Bug 911325 for CVE-2014-9731",
"url": "https://bugzilla.suse.com/911325"
},
{
"category": "external",
"summary": "SUSE Bug 933896 for CVE-2014-9731",
"url": "https://bugzilla.suse.com/933896"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.44-52.10.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.44-52.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.44-52.10.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.44-52.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-07-16T14:57:20Z",
"details": "moderate"
}
],
"title": "CVE-2014-9731"
},
{
"cve": "CVE-2015-1805",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-1805"
}
],
"notes": [
{
"category": "general",
"text": "The (1) pipe_read and (2) pipe_write implementations in fs/pipe.c in the Linux kernel before 3.16 do not properly consider the side effects of failed __copy_to_user_inatomic and __copy_from_user_inatomic calls, which allows local users to cause a denial of service (system crash) or possibly gain privileges via a crafted application, aka an \"I/O vector array overrun.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.44-52.10.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.44-52.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-1805",
"url": "https://www.suse.com/security/cve/CVE-2015-1805"
},
{
"category": "external",
"summary": "SUSE Bug 917839 for CVE-2015-1805",
"url": "https://bugzilla.suse.com/917839"
},
{
"category": "external",
"summary": "SUSE Bug 933429 for CVE-2015-1805",
"url": "https://bugzilla.suse.com/933429"
},
{
"category": "external",
"summary": "SUSE Bug 939270 for CVE-2015-1805",
"url": "https://bugzilla.suse.com/939270"
},
{
"category": "external",
"summary": "SUSE Bug 964730 for CVE-2015-1805",
"url": "https://bugzilla.suse.com/964730"
},
{
"category": "external",
"summary": "SUSE Bug 964732 for CVE-2015-1805",
"url": "https://bugzilla.suse.com/964732"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.44-52.10.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.44-52.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.44-52.10.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.44-52.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-07-16T14:57:20Z",
"details": "important"
}
],
"title": "CVE-2015-1805"
},
{
"cve": "CVE-2015-3212",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-3212"
}
],
"notes": [
{
"category": "general",
"text": "Race condition in net/sctp/socket.c in the Linux kernel before 4.1.2 allows local users to cause a denial of service (list corruption and panic) via a rapid series of system calls related to sockets, as demonstrated by setsockopt calls.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.44-52.10.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.44-52.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-3212",
"url": "https://www.suse.com/security/cve/CVE-2015-3212"
},
{
"category": "external",
"summary": "SUSE Bug 936502 for CVE-2015-3212",
"url": "https://bugzilla.suse.com/936502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.44-52.10.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.44-52.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-07-16T14:57:20Z",
"details": "moderate"
}
],
"title": "CVE-2015-3212"
},
{
"cve": "CVE-2015-4036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4036"
}
],
"notes": [
{
"category": "general",
"text": "Array index error in the tcm_vhost_make_tpg function in drivers/vhost/scsi.c in the Linux kernel before 4.0 might allow guest OS users to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted VHOST_SCSI_SET_ENDPOINT ioctl call. NOTE: the affected function was renamed to vhost_scsi_make_tpg before the vulnerability was announced.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.44-52.10.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.44-52.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4036",
"url": "https://www.suse.com/security/cve/CVE-2015-4036"
},
{
"category": "external",
"summary": "SUSE Bug 931988 for CVE-2015-4036",
"url": "https://bugzilla.suse.com/931988"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.44-52.10.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.44-52.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-07-16T14:57:20Z",
"details": "moderate"
}
],
"title": "CVE-2015-4036"
},
{
"cve": "CVE-2015-4167",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4167"
}
],
"notes": [
{
"category": "general",
"text": "The udf_read_inode function in fs/udf/inode.c in the Linux kernel before 3.19.1 does not validate certain length values, which allows local users to cause a denial of service (incorrect data representation or integer overflow, and OOPS) via a crafted UDF filesystem.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.44-52.10.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.44-52.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4167",
"url": "https://www.suse.com/security/cve/CVE-2015-4167"
},
{
"category": "external",
"summary": "SUSE Bug 917839 for CVE-2015-4167",
"url": "https://bugzilla.suse.com/917839"
},
{
"category": "external",
"summary": "SUSE Bug 933907 for CVE-2015-4167",
"url": "https://bugzilla.suse.com/933907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.44-52.10.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.44-52.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.44-52.10.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.44-52.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-07-16T14:57:20Z",
"details": "moderate"
}
],
"title": "CVE-2015-4167"
},
{
"cve": "CVE-2015-4692",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-4692"
}
],
"notes": [
{
"category": "general",
"text": "The kvm_apic_has_events function in arch/x86/kvm/lapic.h in the Linux kernel through 4.1.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging /dev/kvm access for an ioctl call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.44-52.10.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.44-52.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-4692",
"url": "https://www.suse.com/security/cve/CVE-2015-4692"
},
{
"category": "external",
"summary": "SUSE Bug 935542 for CVE-2015-4692",
"url": "https://bugzilla.suse.com/935542"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.44-52.10.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.44-52.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-07-16T14:57:20Z",
"details": "important"
}
],
"title": "CVE-2015-4692"
},
{
"cve": "CVE-2015-5364",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5364"
}
],
"notes": [
{
"category": "general",
"text": "The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which allows remote attackers to cause a denial of service (system hang) via incorrect checksums within a UDP packet flood.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.44-52.10.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.44-52.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5364",
"url": "https://www.suse.com/security/cve/CVE-2015-5364"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2015-5364",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 781018 for CVE-2015-5364",
"url": "https://bugzilla.suse.com/781018"
},
{
"category": "external",
"summary": "SUSE Bug 936831 for CVE-2015-5364",
"url": "https://bugzilla.suse.com/936831"
},
{
"category": "external",
"summary": "SUSE Bug 939276 for CVE-2015-5364",
"url": "https://bugzilla.suse.com/939276"
},
{
"category": "external",
"summary": "SUSE Bug 945112 for CVE-2015-5364",
"url": "https://bugzilla.suse.com/945112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.44-52.10.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.44-52.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-07-16T14:57:20Z",
"details": "moderate"
}
],
"title": "CVE-2015-5364"
},
{
"cve": "CVE-2015-5366",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2015-5366"
}
],
"notes": [
{
"category": "general",
"text": "The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 provide inappropriate -EAGAIN return values, which allows remote attackers to cause a denial of service (EPOLLET epoll application read outage) via an incorrect checksum in a UDP packet, a different vulnerability than CVE-2015-5364.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.44-52.10.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.44-52.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2015-5366",
"url": "https://www.suse.com/security/cve/CVE-2015-5366"
},
{
"category": "external",
"summary": "SUSE Bug 781018 for CVE-2015-5366",
"url": "https://bugzilla.suse.com/781018"
},
{
"category": "external",
"summary": "SUSE Bug 936831 for CVE-2015-5366",
"url": "https://bugzilla.suse.com/936831"
},
{
"category": "external",
"summary": "SUSE Bug 939276 for CVE-2015-5366",
"url": "https://bugzilla.suse.com/939276"
},
{
"category": "external",
"summary": "SUSE Bug 945112 for CVE-2015-5366",
"url": "https://bugzilla.suse.com/945112"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Desktop 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-default-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Desktop 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Desktop 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-default-1-2.1.x86_64",
"SUSE Linux Enterprise Live Patching 12:kgraft-patch-3_12_44-52_10-xen-1-2.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-default-man-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-devel-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-macros-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-source-3.12.44-52.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-syms-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-base-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12:kernel-xen-devel-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12:kernel-docs-3.12.44-52.10.3.noarch",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12:kernel-obs-build-3.12.44-52.10.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 12:kernel-default-extra-3.12.44-52.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2015-07-16T14:57:20Z",
"details": "moderate"
}
],
"title": "CVE-2015-5366"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…