Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-11089 (GCVE-0-2017-11089)
Vulnerability from cvelistv5 – Published: 2017-11-16 22:00 – Updated: 2024-09-16 21:03
VLAI?
EPSS
Summary
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211_set_station when user space application sends attribute NL80211_ATTR_LOCAL_MESH_POWER_MODE with data of size less than 4 bytes
Severity ?
No CVSS data available.
CWE
- Buffer Over-read in WLAN
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Qualcomm, Inc. | Android for MSM, Firefox OS for MSM, QRD Android |
Affected:
All Android releases from CAF using the Linux kernel
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:57:57.587Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "USN-3620-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3620-2/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://source.android.com/security/bulletin/pixel/2017-11-01"
},
{
"name": "USN-3620-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/3620-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Android for MSM, Firefox OS for MSM, QRD Android",
"vendor": "Qualcomm, Inc.",
"versions": [
{
"status": "affected",
"version": "All Android releases from CAF using the Linux kernel"
}
]
}
],
"datePublic": "2017-11-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211_set_station when user space application sends attribute NL80211_ATTR_LOCAL_MESH_POWER_MODE with data of size less than 4 bytes"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Buffer Over-read in WLAN",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-04-05T09:57:01",
"orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"shortName": "qualcomm"
},
"references": [
{
"name": "USN-3620-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3620-2/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://source.android.com/security/bulletin/pixel/2017-11-01"
},
{
"name": "USN-3620-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/3620-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2017-11-01T00:00:00",
"ID": "CVE-2017-11089",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Android for MSM, Firefox OS for MSM, QRD Android",
"version": {
"version_data": [
{
"version_value": "All Android releases from CAF using the Linux kernel"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211_set_station when user space application sends attribute NL80211_ATTR_LOCAL_MESH_POWER_MODE with data of size less than 4 bytes"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Over-read in WLAN"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-3620-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3620-2/"
},
{
"name": "https://source.android.com/security/bulletin/pixel/2017-11-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/pixel/2017-11-01"
},
{
"name": "USN-3620-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3620-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f",
"assignerShortName": "qualcomm",
"cveId": "CVE-2017-11089",
"datePublished": "2017-11-16T22:00:00Z",
"dateReserved": "2017-07-07T00:00:00",
"dateUpdated": "2024-09-16T21:03:37.824Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211_set_station when user space application sends attribute NL80211_ATTR_LOCAL_MESH_POWER_MODE with data of size less than 4 bytes\"}, {\"lang\": \"es\", \"value\": \"En Android for MSM, Firefox OS for MSM, QRD Android, con todas las distribuciones de Android de CAF que utilizan el kernel de Linux, se observa una sobrelectura de b\\u00fafer en nl80211_set_station cuando la aplicaci\\u00f3n del espacio de usuario env\\u00eda el atributo NL80211_ATTR_LOCAL_MESH_POWER_MODE con datos de un tama\\u00f1o inferior a 4 bytes.\"}]",
"id": "CVE-2017-11089",
"lastModified": "2024-11-21T03:07:04.547",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2017-11-16T22:29:01.190",
"references": "[{\"url\": \"https://source.android.com/security/bulletin/pixel/2017-11-01\", \"source\": \"product-security@qualcomm.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3620-1/\", \"source\": \"product-security@qualcomm.com\"}, {\"url\": \"https://usn.ubuntu.com/3620-2/\", \"source\": \"product-security@qualcomm.com\"}, {\"url\": \"https://source.android.com/security/bulletin/pixel/2017-11-01\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://usn.ubuntu.com/3620-1/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://usn.ubuntu.com/3620-2/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "product-security@qualcomm.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-125\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2017-11089\",\"sourceIdentifier\":\"product-security@qualcomm.com\",\"published\":\"2017-11-16T22:29:01.190\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211_set_station when user space application sends attribute NL80211_ATTR_LOCAL_MESH_POWER_MODE with data of size less than 4 bytes\"},{\"lang\":\"es\",\"value\":\"En Android for MSM, Firefox OS for MSM, QRD Android, con todas las distribuciones de Android de CAF que utilizan el kernel de Linux, se observa una sobrelectura de b\u00fafer en nl80211_set_station cuando la aplicaci\u00f3n del espacio de usuario env\u00eda el atributo NL80211_ATTR_LOCAL_MESH_POWER_MODE con datos de un tama\u00f1o inferior a 4 bytes.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26\"}]}]}],\"references\":[{\"url\":\"https://source.android.com/security/bulletin/pixel/2017-11-01\",\"source\":\"product-security@qualcomm.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3620-1/\",\"source\":\"product-security@qualcomm.com\"},{\"url\":\"https://usn.ubuntu.com/3620-2/\",\"source\":\"product-security@qualcomm.com\"},{\"url\":\"https://source.android.com/security/bulletin/pixel/2017-11-01\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://usn.ubuntu.com/3620-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://usn.ubuntu.com/3620-2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
CERTFR-2018-AVI-232
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE . Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-LTSS | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 12-SP1 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time Extension 12-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Public Cloud 12 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP1-LTSS | ||
| SUSE | N/A | SUSE OpenStack Cloud 6 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 12-SP2 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server 12-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP 12-SP1",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time Extension 12-SP3",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Public Cloud 12",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE OpenStack Cloud 6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP 12-SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-1000199",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000199"
},
{
"name": "CVE-2017-0861",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0861"
},
{
"name": "CVE-2017-18203",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18203"
},
{
"name": "CVE-2018-1087",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1087"
},
{
"name": "CVE-2017-13220",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13220"
},
{
"name": "CVE-2018-8781",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8781"
},
{
"name": "CVE-2018-10124",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10124"
},
{
"name": "CVE-2018-7757",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7757"
},
{
"name": "CVE-2018-8822",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8822"
},
{
"name": "CVE-2017-11089",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11089"
},
{
"name": "CVE-2018-8043",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8043"
},
{
"name": "CVE-2018-10087",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10087"
},
{
"name": "CVE-2017-18257",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18257"
},
{
"name": "CVE-2018-1091",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1091"
},
{
"name": "CVE-2018-8897",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8897"
},
{
"name": "CVE-2018-7740",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7740"
}
],
"links": [],
"reference": "CERTFR-2018-AVI-232",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-05-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE . Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire, un d\u00e9ni de service et une atteinte \u00e0\nla confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181237-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181237-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181263-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181263-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181231-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181231-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181252-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181252-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181261-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181261-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181272-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181272-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181257-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181257-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181228-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181228-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181230-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181230-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181239-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181239-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181232-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181232-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181268-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181268-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181221-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181221-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181270-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181270-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181255-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181255-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181234-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181234-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181227-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181227-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181225-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181225-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181248-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181248-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181253-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181253-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181260-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181260-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181236-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181236-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181226-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181226-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181267-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181267-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181251-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181251-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181254-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181254-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181247-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181247-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181242-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181242-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181246-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181246-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181258-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181258-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181273-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181273-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181259-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181259-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181243-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181243-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181262-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181262-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181235-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181235-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181223-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181223-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181250-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181250-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181266-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181266-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181244-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181244-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181240-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181240-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181222-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181222-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181233-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181233-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181269-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181269-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181238-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181238-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181264-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181264-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181229-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181229-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181217-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181217-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181256-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181256-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181224-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181224-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181249-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181249-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181245-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181245-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181220-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181220-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181241-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181241-1/"
}
]
}
CERTFR-2018-AVI-170
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu . Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 17.10 sur Raspberry Pi 2",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 12.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-0861",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0861"
},
{
"name": "CVE-2017-16646",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16646"
},
{
"name": "CVE-2017-18203",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18203"
},
{
"name": "CVE-2018-7492",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7492"
},
{
"name": "CVE-2017-12762",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12762"
},
{
"name": "CVE-2018-5344",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5344"
},
{
"name": "CVE-2017-16536",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16536"
},
{
"name": "CVE-2017-17806",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17806"
},
{
"name": "CVE-2017-1000407",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000407"
},
{
"name": "CVE-2018-6927",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6927"
},
{
"name": "CVE-2017-11472",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11472"
},
{
"name": "CVE-2018-5333",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5333"
},
{
"name": "CVE-2017-16649",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16649"
},
{
"name": "CVE-2017-17805",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17805"
},
{
"name": "CVE-2017-15129",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15129"
},
{
"name": "CVE-2017-16528",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16528"
},
{
"name": "CVE-2017-11089",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11089"
},
{
"name": "CVE-2017-17862",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17862"
},
{
"name": "CVE-2018-8043",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8043"
},
{
"name": "CVE-2017-16994",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16994"
},
{
"name": "CVE-2017-18208",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18208"
},
{
"name": "CVE-2017-17558",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17558"
},
{
"name": "CVE-2018-5332",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5332"
},
{
"name": "CVE-2017-16914",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16914"
},
{
"name": "CVE-2017-18075",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18075"
},
{
"name": "CVE-2017-16537",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16537"
},
{
"name": "CVE-2017-17450",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17450"
},
{
"name": "CVE-2017-17449",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17449"
},
{
"name": "CVE-2018-1000026",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000026"
},
{
"name": "CVE-2017-16913",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16913"
},
{
"name": "CVE-2017-18204",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18204"
},
{
"name": "CVE-2017-16532",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16532"
},
{
"name": "CVE-2017-16650",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16650"
},
{
"name": "CVE-2017-16647",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16647"
},
{
"name": "CVE-2017-16645",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16645"
},
{
"name": "CVE-2017-17807",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17807"
},
{
"name": "CVE-2017-17448",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17448"
},
{
"name": "CVE-2017-16912",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16912"
},
{
"name": "CVE-2017-5715",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5715"
},
{
"name": "CVE-2017-16911",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16911"
},
{
"name": "CVE-2017-7518",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7518"
},
{
"name": "CVE-2017-16995",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16995"
},
{
"name": "CVE-2017-17741",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17741"
}
],
"links": [],
"reference": "CERTFR-2018-AVI-170",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-04-05T00:00:00.000000"
},
{
"description": "Ajout des bulletins de s\u00e9curit\u00e9 Ubuntu du 05 avril 2018",
"revision_date": "2018-04-06T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux\nd\u0027Ubuntu . Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3620-2 du 05 avril 2018",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3617-3 du 04 avril 2018",
"url": "https://usn.ubuntu.com/3617-3/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3619-1 du 04 avril 2018",
"url": "https://usn.ubuntu.com/3619-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3620-2 du 04 avril 2018",
"url": "https://usn.ubuntu.com/3620-2/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3620-1 du 04 avril 2018",
"url": "https://usn.ubuntu.com/3620-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3619-2 du 05 avril 2018",
"url": null
}
]
}
CERTFR-2018-AVI-170
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux d'Ubuntu . Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Ubuntu 16.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 14.04 LTS",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 17.10 sur Raspberry Pi 2",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
},
{
"description": "Ubuntu 12.04 ESM",
"product": {
"name": "Ubuntu",
"vendor": {
"name": "Ubuntu",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-0861",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0861"
},
{
"name": "CVE-2017-16646",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16646"
},
{
"name": "CVE-2017-18203",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18203"
},
{
"name": "CVE-2018-7492",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7492"
},
{
"name": "CVE-2017-12762",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12762"
},
{
"name": "CVE-2018-5344",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5344"
},
{
"name": "CVE-2017-16536",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16536"
},
{
"name": "CVE-2017-17806",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17806"
},
{
"name": "CVE-2017-1000407",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000407"
},
{
"name": "CVE-2018-6927",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-6927"
},
{
"name": "CVE-2017-11472",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11472"
},
{
"name": "CVE-2018-5333",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5333"
},
{
"name": "CVE-2017-16649",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16649"
},
{
"name": "CVE-2017-17805",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17805"
},
{
"name": "CVE-2017-15129",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15129"
},
{
"name": "CVE-2017-16528",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16528"
},
{
"name": "CVE-2017-11089",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11089"
},
{
"name": "CVE-2017-17862",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17862"
},
{
"name": "CVE-2018-8043",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8043"
},
{
"name": "CVE-2017-16994",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16994"
},
{
"name": "CVE-2017-18208",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18208"
},
{
"name": "CVE-2017-17558",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17558"
},
{
"name": "CVE-2018-5332",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5332"
},
{
"name": "CVE-2017-16914",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16914"
},
{
"name": "CVE-2017-18075",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18075"
},
{
"name": "CVE-2017-16537",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16537"
},
{
"name": "CVE-2017-17450",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17450"
},
{
"name": "CVE-2017-17449",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17449"
},
{
"name": "CVE-2018-1000026",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000026"
},
{
"name": "CVE-2017-16913",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16913"
},
{
"name": "CVE-2017-18204",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18204"
},
{
"name": "CVE-2017-16532",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16532"
},
{
"name": "CVE-2017-16650",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16650"
},
{
"name": "CVE-2017-16647",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16647"
},
{
"name": "CVE-2017-16645",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16645"
},
{
"name": "CVE-2017-17807",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17807"
},
{
"name": "CVE-2017-17448",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17448"
},
{
"name": "CVE-2017-16912",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16912"
},
{
"name": "CVE-2017-5715",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5715"
},
{
"name": "CVE-2017-16911",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16911"
},
{
"name": "CVE-2017-7518",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7518"
},
{
"name": "CVE-2017-16995",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16995"
},
{
"name": "CVE-2017-17741",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17741"
}
],
"links": [],
"reference": "CERTFR-2018-AVI-170",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-04-05T00:00:00.000000"
},
{
"description": "Ajout des bulletins de s\u00e9curit\u00e9 Ubuntu du 05 avril 2018",
"revision_date": "2018-04-06T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux\nd\u0027Ubuntu . Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux d\u0027Ubuntu",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3620-2 du 05 avril 2018",
"url": null
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3617-3 du 04 avril 2018",
"url": "https://usn.ubuntu.com/3617-3/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3619-1 du 04 avril 2018",
"url": "https://usn.ubuntu.com/3619-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3620-2 du 04 avril 2018",
"url": "https://usn.ubuntu.com/3620-2/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3620-1 du 04 avril 2018",
"url": "https://usn.ubuntu.com/3620-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Ubuntu USN-3619-2 du 05 avril 2018",
"url": null
}
]
}
CERTFR-2018-AVI-232
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE . Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et une atteinte à la confidentialité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-LTSS | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 12-SP1 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time Extension 12-SP3 | ||
| SUSE | N/A | SUSE Linux Enterprise Module for Public Cloud 12 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 12-SP1-LTSS | ||
| SUSE | N/A | SUSE OpenStack Cloud 6 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP 12-SP2 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "SUSE Linux Enterprise Server 12-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP 12-SP1",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time Extension 12-SP3",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Module for Public Cloud 12",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 12-SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE OpenStack Cloud 6",
"product": {
"name": "N/A",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP 12-SP2",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-1000199",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000199"
},
{
"name": "CVE-2017-0861",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-0861"
},
{
"name": "CVE-2017-18203",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18203"
},
{
"name": "CVE-2018-1087",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1087"
},
{
"name": "CVE-2017-13220",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13220"
},
{
"name": "CVE-2018-8781",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8781"
},
{
"name": "CVE-2018-10124",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10124"
},
{
"name": "CVE-2018-7757",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7757"
},
{
"name": "CVE-2018-8822",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8822"
},
{
"name": "CVE-2017-11089",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11089"
},
{
"name": "CVE-2018-8043",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8043"
},
{
"name": "CVE-2018-10087",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10087"
},
{
"name": "CVE-2017-18257",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-18257"
},
{
"name": "CVE-2018-1091",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1091"
},
{
"name": "CVE-2018-8897",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8897"
},
{
"name": "CVE-2018-7740",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7740"
}
],
"links": [],
"reference": "CERTFR-2018-AVI-232",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-05-14T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de\nSUSE . Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire, un d\u00e9ni de service et une atteinte \u00e0\nla confidentialit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181237-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181237-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181263-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181263-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181231-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181231-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181252-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181252-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181261-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181261-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181272-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181272-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181257-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181257-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181228-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181228-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181230-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181230-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181239-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181239-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181232-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181232-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181268-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181268-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181221-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181221-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181270-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181270-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181255-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181255-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181234-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181234-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181227-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181227-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181225-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181225-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181248-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181248-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181253-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181253-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181260-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181260-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181236-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181236-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181226-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181226-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181267-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181267-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181251-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181251-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181254-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181254-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181247-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181247-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181242-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181242-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181246-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181246-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181258-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181258-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181273-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181273-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181259-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181259-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181243-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181243-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181262-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181262-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181235-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181235-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181223-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181223-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181250-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181250-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181266-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181266-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181244-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181244-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181240-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181240-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181222-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181222-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181233-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181233-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181269-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181269-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181238-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181238-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181264-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181264-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181229-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181229-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181217-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181217-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181256-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181256-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181224-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181224-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181249-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181249-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181245-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181245-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181220-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181220-1/"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 SUSE suse-su-20181241-1 du 11 mai 2018",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181241-1/"
}
]
}
GHSA-2RW2-4F93-GF5G
Vulnerability from github – Published: 2022-05-13 01:42 – Updated: 2025-04-20 03:48
VLAI?
Details
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211_set_station when user space application sends attribute NL80211_ATTR_LOCAL_MESH_POWER_MODE with data of size less than 4 bytes
Severity ?
7.5 (High)
{
"affected": [],
"aliases": [
"CVE-2017-11089"
],
"database_specific": {
"cwe_ids": [
"CWE-125"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-11-16T22:29:00Z",
"severity": "HIGH"
},
"details": "In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211_set_station when user space application sends attribute NL80211_ATTR_LOCAL_MESH_POWER_MODE with data of size less than 4 bytes",
"id": "GHSA-2rw2-4f93-gf5g",
"modified": "2025-04-20T03:48:36Z",
"published": "2022-05-13T01:42:07Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-11089"
},
{
"type": "WEB",
"url": "https://source.android.com/security/bulletin/pixel/2017-11-01"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3620-1"
},
{
"type": "WEB",
"url": "https://usn.ubuntu.com/3620-2"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
]
}
SUSE-SU-2018:1220-1
Vulnerability from csaf_suse - Published: 2018-05-11 15:30 - Updated: 2018-05-11 15:30Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 SP1 LTSS kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-1087: And an unprivileged KVM guest user could use this flaw to potentially escalate their privileges inside a guest. (bsc#1087088)
- CVE-2018-8897: An unprivileged system user could use incorrect set up interrupt stacks to crash the Linux kernel resulting in DoS issue. (bsc#1087088)
- CVE-2018-8781: The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c had an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space (bnc#1090643).
- CVE-2018-10124: The kill_something_info function in kernel/signal.c might allow local users to cause a denial of service via an INT_MIN argument (bnc#1089752).
- CVE-2018-10087: The kernel_wait4 function in kernel/exit.c in might allow local users to cause a denial of service by triggering an attempted use of the -INT_MIN value (bnc#1089608).
- CVE-2018-7757: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c allowed local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file (bnc#1084536).
- CVE-2017-13220: An elevation of privilege vulnerability in the Upstream kernel bluez was fixed. (bnc#1076537).
- CVE-2017-11089: A buffer overread is observed in nl80211_set_station when user space application sends attribute NL80211_ATTR_LOCAL_MESH_POWER_MODE with data of size less than 4 bytes (bnc#1088261).
- CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem allowed attackers to gain privileges via unspecified vectors (bnc#1088260).
- CVE-2018-8822: Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c could be exploited by malicious NCPFS servers to crash the kernel or execute code (bnc#1086162).
- CVE-2017-18203: The dm_get_from_kobject function in drivers/md/dm.c allowed local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices (bnc#1083242).
The following non-security bugs were fixed:
- Integrate fixes resulting from bsc#1088147 More info in the respective commit messages.
- kabi: x86/kaiser: properly align trampoline stack (bsc#1087260).
- dcache: Add cond_resched in shrink_dentry_list (bsc#1086194).
- kGraft: fix small race in reversion code (bsc#1083125).
- kabi/severities: Ignore kgr_shadow_* kABI changes
- kvm/x86: fix icebp instruction handling (bsc#1087088).
- livepatch: Allow to call a custom callback when freeing shadow variables (bsc#1082299 fate#313296).
- livepatch: Initialize shadow variables safely by a custom callback (bsc#1082299 fate#313296).
- usbnet: Fix a race between usbnet_stop() and the BH (bsc#1083275).
- x86/entry/64: Do not use IST entry for #BP stack (bsc#1087088).
- x86/espfix: Fix return stack in do_double_fault() (bsc#1085279).
- x86/kaiser: properly align trampoline stack (bsc#1087260).
- x86/retpoline: do not perform thunk calls in ring3 vsyscall code (bsc#1085331).
Patchnames
SUSE-OpenStack-Cloud-6-2018-845,SUSE-SLE-Module-Public-Cloud-12-2018-845,SUSE-SLE-SAP-12-SP1-2018-845,SUSE-SLE-SERVER-12-SP1-2018-845
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe SUSE Linux Enterprise 12 SP1 LTSS kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-1087: And an unprivileged KVM guest user could use this flaw to potentially escalate their privileges inside a guest. (bsc#1087088)\n- CVE-2018-8897: An unprivileged system user could use incorrect set up interrupt stacks to crash the Linux kernel resulting in DoS issue. (bsc#1087088)\n- CVE-2018-8781: The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c had an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space (bnc#1090643).\n- CVE-2018-10124: The kill_something_info function in kernel/signal.c might allow local users to cause a denial of service via an INT_MIN argument (bnc#1089752).\n- CVE-2018-10087: The kernel_wait4 function in kernel/exit.c in might allow local users to cause a denial of service by triggering an attempted use of the -INT_MIN value (bnc#1089608).\n- CVE-2018-7757: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c allowed local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file (bnc#1084536).\n- CVE-2017-13220: An elevation of privilege vulnerability in the Upstream kernel bluez was fixed. (bnc#1076537).\n- CVE-2017-11089: A buffer overread is observed in nl80211_set_station when user space application sends attribute NL80211_ATTR_LOCAL_MESH_POWER_MODE with data of size less than 4 bytes (bnc#1088261).\n- CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem allowed attackers to gain privileges via unspecified vectors (bnc#1088260).\n- CVE-2018-8822: Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c could be exploited by malicious NCPFS servers to crash the kernel or execute code (bnc#1086162).\n- CVE-2017-18203: The dm_get_from_kobject function in drivers/md/dm.c allowed local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices (bnc#1083242).\n\nThe following non-security bugs were fixed:\n\n- Integrate fixes resulting from bsc#1088147 More info in the respective commit messages.\n- kabi: x86/kaiser: properly align trampoline stack (bsc#1087260).\n- dcache: Add cond_resched in shrink_dentry_list (bsc#1086194).\n- kGraft: fix small race in reversion code (bsc#1083125).\n- kabi/severities: Ignore kgr_shadow_* kABI changes\n- kvm/x86: fix icebp instruction handling (bsc#1087088).\n- livepatch: Allow to call a custom callback when freeing shadow variables (bsc#1082299 fate#313296).\n- livepatch: Initialize shadow variables safely by a custom callback (bsc#1082299 fate#313296).\n- usbnet: Fix a race between usbnet_stop() and the BH (bsc#1083275).\n- x86/entry/64: Do not use IST entry for #BP stack (bsc#1087088).\n- x86/espfix: Fix return stack in do_double_fault() (bsc#1085279).\n- x86/kaiser: properly align trampoline stack (bsc#1087260).\n- x86/retpoline: do not perform thunk calls in ring3 vsyscall code (bsc#1085331).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-OpenStack-Cloud-6-2018-845,SUSE-SLE-Module-Public-Cloud-12-2018-845,SUSE-SLE-SAP-12-SP1-2018-845,SUSE-SLE-SERVER-12-SP1-2018-845",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1220-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:1220-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181220-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:1220-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-May/003997.html"
},
{
"category": "self",
"summary": "SUSE Bug 1076537",
"url": "https://bugzilla.suse.com/1076537"
},
{
"category": "self",
"summary": "SUSE Bug 1082299",
"url": "https://bugzilla.suse.com/1082299"
},
{
"category": "self",
"summary": "SUSE Bug 1083125",
"url": "https://bugzilla.suse.com/1083125"
},
{
"category": "self",
"summary": "SUSE Bug 1083242",
"url": "https://bugzilla.suse.com/1083242"
},
{
"category": "self",
"summary": "SUSE Bug 1083275",
"url": "https://bugzilla.suse.com/1083275"
},
{
"category": "self",
"summary": "SUSE Bug 1084536",
"url": "https://bugzilla.suse.com/1084536"
},
{
"category": "self",
"summary": "SUSE Bug 1085279",
"url": "https://bugzilla.suse.com/1085279"
},
{
"category": "self",
"summary": "SUSE Bug 1085331",
"url": "https://bugzilla.suse.com/1085331"
},
{
"category": "self",
"summary": "SUSE Bug 1086162",
"url": "https://bugzilla.suse.com/1086162"
},
{
"category": "self",
"summary": "SUSE Bug 1086194",
"url": "https://bugzilla.suse.com/1086194"
},
{
"category": "self",
"summary": "SUSE Bug 1087088",
"url": "https://bugzilla.suse.com/1087088"
},
{
"category": "self",
"summary": "SUSE Bug 1087260",
"url": "https://bugzilla.suse.com/1087260"
},
{
"category": "self",
"summary": "SUSE Bug 1088147",
"url": "https://bugzilla.suse.com/1088147"
},
{
"category": "self",
"summary": "SUSE Bug 1088260",
"url": "https://bugzilla.suse.com/1088260"
},
{
"category": "self",
"summary": "SUSE Bug 1088261",
"url": "https://bugzilla.suse.com/1088261"
},
{
"category": "self",
"summary": "SUSE Bug 1089608",
"url": "https://bugzilla.suse.com/1089608"
},
{
"category": "self",
"summary": "SUSE Bug 1089752",
"url": "https://bugzilla.suse.com/1089752"
},
{
"category": "self",
"summary": "SUSE Bug 1090643",
"url": "https://bugzilla.suse.com/1090643"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-0861 page",
"url": "https://www.suse.com/security/cve/CVE-2017-0861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-11089 page",
"url": "https://www.suse.com/security/cve/CVE-2017-11089/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13220 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13220/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18203 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18203/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10087 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10087/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10124 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1087 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1087/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-7757 page",
"url": "https://www.suse.com/security/cve/CVE-2018-7757/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-8781 page",
"url": "https://www.suse.com/security/cve/CVE-2018-8781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-8822 page",
"url": "https://www.suse.com/security/cve/CVE-2018-8822/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-8897 page",
"url": "https://www.suse.com/security/cve/CVE-2018-8897/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2018-05-11T15:30:04Z",
"generator": {
"date": "2018-05-11T15:30:04Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:1220-1",
"initial_release_date": "2018-05-11T15:30:04Z",
"revision_history": [
{
"date": "2018-05-11T15:30:04Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-3.12.74-60.64.88.1.noarch",
"product": {
"name": "kernel-devel-3.12.74-60.64.88.1.noarch",
"product_id": "kernel-devel-3.12.74-60.64.88.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-3.12.74-60.64.88.1.noarch",
"product": {
"name": "kernel-macros-3.12.74-60.64.88.1.noarch",
"product_id": "kernel-macros-3.12.74-60.64.88.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-3.12.74-60.64.88.1.noarch",
"product": {
"name": "kernel-source-3.12.74-60.64.88.1.noarch",
"product_id": "kernel-source-3.12.74-60.64.88.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.12.74-60.64.88.1.ppc64le",
"product": {
"name": "kernel-default-3.12.74-60.64.88.1.ppc64le",
"product_id": "kernel-default-3.12.74-60.64.88.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"product": {
"name": "kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"product_id": "kernel-default-base-3.12.74-60.64.88.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"product": {
"name": "kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"product_id": "kernel-default-devel-3.12.74-60.64.88.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.74-60.64.88.1.ppc64le",
"product": {
"name": "kernel-syms-3.12.74-60.64.88.1.ppc64le",
"product_id": "kernel-syms-3.12.74-60.64.88.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.12.74-60.64.88.1.s390x",
"product": {
"name": "kernel-default-3.12.74-60.64.88.1.s390x",
"product_id": "kernel-default-3.12.74-60.64.88.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.74-60.64.88.1.s390x",
"product": {
"name": "kernel-default-base-3.12.74-60.64.88.1.s390x",
"product_id": "kernel-default-base-3.12.74-60.64.88.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.74-60.64.88.1.s390x",
"product": {
"name": "kernel-default-devel-3.12.74-60.64.88.1.s390x",
"product_id": "kernel-default-devel-3.12.74-60.64.88.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-3.12.74-60.64.88.1.s390x",
"product": {
"name": "kernel-default-man-3.12.74-60.64.88.1.s390x",
"product_id": "kernel-default-man-3.12.74-60.64.88.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.74-60.64.88.1.s390x",
"product": {
"name": "kernel-syms-3.12.74-60.64.88.1.s390x",
"product_id": "kernel-syms-3.12.74-60.64.88.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.12.74-60.64.88.1.x86_64",
"product": {
"name": "kernel-default-3.12.74-60.64.88.1.x86_64",
"product_id": "kernel-default-3.12.74-60.64.88.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.74-60.64.88.1.x86_64",
"product": {
"name": "kernel-default-base-3.12.74-60.64.88.1.x86_64",
"product_id": "kernel-default-base-3.12.74-60.64.88.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"product": {
"name": "kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"product_id": "kernel-default-devel-3.12.74-60.64.88.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.74-60.64.88.1.x86_64",
"product": {
"name": "kernel-syms-3.12.74-60.64.88.1.x86_64",
"product_id": "kernel-syms-3.12.74-60.64.88.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.12.74-60.64.88.1.x86_64",
"product": {
"name": "kernel-xen-3.12.74-60.64.88.1.x86_64",
"product_id": "kernel-xen-3.12.74-60.64.88.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"product": {
"name": "kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"product_id": "kernel-xen-base-3.12.74-60.64.88.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"product": {
"name": "kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"product_id": "kernel-xen-devel-3.12.74-60.64.88.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"product_id": "kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"product_id": "kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-3.12.74-60.64.88.1.x86_64",
"product": {
"name": "kernel-ec2-3.12.74-60.64.88.1.x86_64",
"product_id": "kernel-ec2-3.12.74-60.64.88.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"product": {
"name": "kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"product_id": "kernel-ec2-devel-3.12.74-60.64.88.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"product": {
"name": "kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"product_id": "kernel-ec2-extra-3.12.74-60.64.88.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 6",
"product": {
"name": "SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.74-60.64.88.1.x86_64 as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64"
},
"product_reference": "kernel-default-3.12.74-60.64.88.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.74-60.64.88.1.x86_64 as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64"
},
"product_reference": "kernel-default-base-3.12.74-60.64.88.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.74-60.64.88.1.x86_64 as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64"
},
"product_reference": "kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-3.12.74-60.64.88.1.noarch as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch"
},
"product_reference": "kernel-devel-3.12.74-60.64.88.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-3.12.74-60.64.88.1.noarch as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch"
},
"product_reference": "kernel-macros-3.12.74-60.64.88.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.12.74-60.64.88.1.noarch as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch"
},
"product_reference": "kernel-source-3.12.74-60.64.88.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.74-60.64.88.1.x86_64 as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64"
},
"product_reference": "kernel-syms-3.12.74-60.64.88.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.12.74-60.64.88.1.x86_64 as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64"
},
"product_reference": "kernel-xen-3.12.74-60.64.88.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.12.74-60.64.88.1.x86_64 as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64"
},
"product_reference": "kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.12.74-60.64.88.1.x86_64 as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64 as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64 as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-3.12.74-60.64.88.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64"
},
"product_reference": "kernel-ec2-3.12.74-60.64.88.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-devel-3.12.74-60.64.88.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64"
},
"product_reference": "kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-extra-3.12.74-60.64.88.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64"
},
"product_reference": "kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.74-60.64.88.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le"
},
"product_reference": "kernel-default-3.12.74-60.64.88.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.74-60.64.88.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64"
},
"product_reference": "kernel-default-3.12.74-60.64.88.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.74-60.64.88.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le"
},
"product_reference": "kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.74-60.64.88.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64"
},
"product_reference": "kernel-default-base-3.12.74-60.64.88.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.74-60.64.88.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le"
},
"product_reference": "kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.74-60.64.88.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64"
},
"product_reference": "kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-3.12.74-60.64.88.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch"
},
"product_reference": "kernel-devel-3.12.74-60.64.88.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-3.12.74-60.64.88.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch"
},
"product_reference": "kernel-macros-3.12.74-60.64.88.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.12.74-60.64.88.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch"
},
"product_reference": "kernel-source-3.12.74-60.64.88.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.74-60.64.88.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le"
},
"product_reference": "kernel-syms-3.12.74-60.64.88.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.74-60.64.88.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64"
},
"product_reference": "kernel-syms-3.12.74-60.64.88.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.12.74-60.64.88.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64"
},
"product_reference": "kernel-xen-3.12.74-60.64.88.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.12.74-60.64.88.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64"
},
"product_reference": "kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.12.74-60.64.88.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.74-60.64.88.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le"
},
"product_reference": "kernel-default-3.12.74-60.64.88.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.74-60.64.88.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x"
},
"product_reference": "kernel-default-3.12.74-60.64.88.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.74-60.64.88.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64"
},
"product_reference": "kernel-default-3.12.74-60.64.88.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.74-60.64.88.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le"
},
"product_reference": "kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.74-60.64.88.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x"
},
"product_reference": "kernel-default-base-3.12.74-60.64.88.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.74-60.64.88.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64"
},
"product_reference": "kernel-default-base-3.12.74-60.64.88.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.74-60.64.88.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le"
},
"product_reference": "kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.74-60.64.88.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x"
},
"product_reference": "kernel-default-devel-3.12.74-60.64.88.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.74-60.64.88.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64"
},
"product_reference": "kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-3.12.74-60.64.88.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x"
},
"product_reference": "kernel-default-man-3.12.74-60.64.88.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-3.12.74-60.64.88.1.noarch as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch"
},
"product_reference": "kernel-devel-3.12.74-60.64.88.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-3.12.74-60.64.88.1.noarch as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch"
},
"product_reference": "kernel-macros-3.12.74-60.64.88.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.12.74-60.64.88.1.noarch as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch"
},
"product_reference": "kernel-source-3.12.74-60.64.88.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.74-60.64.88.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le"
},
"product_reference": "kernel-syms-3.12.74-60.64.88.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.74-60.64.88.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x"
},
"product_reference": "kernel-syms-3.12.74-60.64.88.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.74-60.64.88.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64"
},
"product_reference": "kernel-syms-3.12.74-60.64.88.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.12.74-60.64.88.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64"
},
"product_reference": "kernel-xen-3.12.74-60.64.88.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.12.74-60.64.88.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64"
},
"product_reference": "kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.12.74-60.64.88.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-0861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-0861"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-0861",
"url": "https://www.suse.com/security/cve/CVE-2017-0861"
},
{
"category": "external",
"summary": "SUSE Bug 1088260 for CVE-2017-0861",
"url": "https://bugzilla.suse.com/1088260"
},
{
"category": "external",
"summary": "SUSE Bug 1088268 for CVE-2017-0861",
"url": "https://bugzilla.suse.com/1088268"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-0861",
"url": "https://bugzilla.suse.com/1091815"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-0861",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-11T15:30:04Z",
"details": "moderate"
}
],
"title": "CVE-2017-0861"
},
{
"cve": "CVE-2017-11089",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-11089"
}
],
"notes": [
{
"category": "general",
"text": "In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211_set_station when user space application sends attribute NL80211_ATTR_LOCAL_MESH_POWER_MODE with data of size less than 4 bytes",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-11089",
"url": "https://www.suse.com/security/cve/CVE-2017-11089"
},
{
"category": "external",
"summary": "SUSE Bug 1088261 for CVE-2017-11089",
"url": "https://bugzilla.suse.com/1088261"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-11T15:30:04Z",
"details": "moderate"
}
],
"title": "CVE-2017-11089"
},
{
"cve": "CVE-2017-13220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13220"
}
],
"notes": [
{
"category": "general",
"text": "An elevation of privilege vulnerability in the Upstream kernel bluez. Product: Android. Versions: Android kernel. Android ID: A-63527053.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13220",
"url": "https://www.suse.com/security/cve/CVE-2017-13220"
},
{
"category": "external",
"summary": "SUSE Bug 1076537 for CVE-2017-13220",
"url": "https://bugzilla.suse.com/1076537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-11T15:30:04Z",
"details": "moderate"
}
],
"title": "CVE-2017-13220"
},
{
"cve": "CVE-2017-18203",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18203"
}
],
"notes": [
{
"category": "general",
"text": "The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernel before 4.14.3 allow local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18203",
"url": "https://www.suse.com/security/cve/CVE-2017-18203"
},
{
"category": "external",
"summary": "SUSE Bug 1083242 for CVE-2017-18203",
"url": "https://bugzilla.suse.com/1083242"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-18203",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-11T15:30:04Z",
"details": "moderate"
}
],
"title": "CVE-2017-18203"
},
{
"cve": "CVE-2018-10087",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10087"
}
],
"notes": [
{
"category": "general",
"text": "The kernel_wait4 function in kernel/exit.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service by triggering an attempted use of the -INT_MIN value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10087",
"url": "https://www.suse.com/security/cve/CVE-2018-10087"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-10087",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1089608 for CVE-2018-10087",
"url": "https://bugzilla.suse.com/1089608"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2018-10087",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-11T15:30:04Z",
"details": "low"
}
],
"title": "CVE-2018-10087"
},
{
"cve": "CVE-2018-10124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10124"
}
],
"notes": [
{
"category": "general",
"text": "The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service via an INT_MIN argument.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10124",
"url": "https://www.suse.com/security/cve/CVE-2018-10124"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-10124",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1089752 for CVE-2018-10124",
"url": "https://bugzilla.suse.com/1089752"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2018-10124",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-11T15:30:04Z",
"details": "moderate"
}
],
"title": "CVE-2018-10124"
},
{
"cve": "CVE-2018-1087",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1087"
}
],
"notes": [
{
"category": "general",
"text": "kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel\u0027s KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged KVM guest user could use this flaw to crash the guest or, potentially, escalate their privileges in the guest.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1087",
"url": "https://www.suse.com/security/cve/CVE-2018-1087"
},
{
"category": "external",
"summary": "SUSE Bug 1087088 for CVE-2018-1087",
"url": "https://bugzilla.suse.com/1087088"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-11T15:30:04Z",
"details": "important"
}
],
"title": "CVE-2018-1087"
},
{
"cve": "CVE-2018-7757",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-7757"
}
],
"notes": [
{
"category": "general",
"text": "Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-7757",
"url": "https://www.suse.com/security/cve/CVE-2018-7757"
},
{
"category": "external",
"summary": "SUSE Bug 1084536 for CVE-2018-7757",
"url": "https://bugzilla.suse.com/1084536"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-7757",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1087209 for CVE-2018-7757",
"url": "https://bugzilla.suse.com/1087209"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2018-7757",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-11T15:30:04Z",
"details": "moderate"
}
],
"title": "CVE-2018-7757"
},
{
"cve": "CVE-2018-8781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-8781"
}
],
"notes": [
{
"category": "general",
"text": "The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-8781",
"url": "https://www.suse.com/security/cve/CVE-2018-8781"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1090643 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1090643"
},
{
"category": "external",
"summary": "SUSE Bug 1090646 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1090646"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-11T15:30:04Z",
"details": "important"
}
],
"title": "CVE-2018-8781"
},
{
"cve": "CVE-2018-8822",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-8822"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel through 4.15.11, and in drivers/staging/ncpfs/ncplib_kernel.c in the Linux kernel 4.16-rc through 4.16-rc6, could be exploited by malicious NCPFS servers to crash the kernel or execute code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-8822",
"url": "https://www.suse.com/security/cve/CVE-2018-8822"
},
{
"category": "external",
"summary": "SUSE Bug 1086162 for CVE-2018-8822",
"url": "https://bugzilla.suse.com/1086162"
},
{
"category": "external",
"summary": "SUSE Bug 1090404 for CVE-2018-8822",
"url": "https://bugzilla.suse.com/1090404"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2018-8822",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-11T15:30:04Z",
"details": "moderate"
}
],
"title": "CVE-2018-8822"
},
{
"cve": "CVE-2018-8897",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-8897"
}
],
"notes": [
{
"category": "general",
"text": "A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer\u0027s Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL \u003c 3, the debug exception is delivered after the transfer to CPL \u003c 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-8897",
"url": "https://www.suse.com/security/cve/CVE-2018-8897"
},
{
"category": "external",
"summary": "SUSE Bug 1087078 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1087078"
},
{
"category": "external",
"summary": "SUSE Bug 1087088 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1087088"
},
{
"category": "external",
"summary": "SUSE Bug 1090368 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1090368"
},
{
"category": "external",
"summary": "SUSE Bug 1090820 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1090820"
},
{
"category": "external",
"summary": "SUSE Bug 1090869 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1090869"
},
{
"category": "external",
"summary": "SUSE Bug 1092497 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1092497"
},
{
"category": "external",
"summary": "SUSE Bug 1093522 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1093522"
},
{
"category": "external",
"summary": "SUSE Bug 1093524 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1093524"
},
{
"category": "external",
"summary": "SUSE Bug 1098813 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1098813"
},
{
"category": "external",
"summary": "SUSE Bug 1100835 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1100835"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-default-man-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-default-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-devel-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-macros-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-source-3.12.74-60.64.88.1.noarch",
"SUSE OpenStack Cloud 6:kernel-syms-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-base-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kernel-xen-devel-3.12.74-60.64.88.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-default-1-2.3.1.x86_64",
"SUSE OpenStack Cloud 6:kgraft-patch-3_12_74-60_64_88-xen-1-2.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-11T15:30:04Z",
"details": "important"
}
],
"title": "CVE-2018-8897"
}
]
}
SUSE-SU-2018:1221-1
Vulnerability from csaf_suse - Published: 2018-05-11 15:16 - Updated: 2018-05-11 15:16Summary
Security update for the Linux Kernel
Notes
Title of the patch
Security update for the Linux Kernel
Description of the patch
The SUSE Linux Enterprise 12 GA LTSS kernel was updated to receive various security and bugfixes.
The following security bugs were fixed:
- CVE-2018-1087: And an unprivileged KVM guest user could use this flaw to potentially escalate their privileges inside a guest. (bsc#1087088)
- CVE-2018-8897: An unprivileged system user could use incorrect set up interrupt stacks to crash the Linux kernel resulting in DoS issue. (bsc#1087088)
- CVE-2018-8781: The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c had an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space (bnc#1090643).
- CVE-2018-10124: The kill_something_info function in kernel/signal.c might allow local users to cause a denial of service via an INT_MIN argument (bnc#1089752).
- CVE-2018-10087: The kernel_wait4 function in kernel/exit.c might allow local users to cause a denial of service by triggering an attempted use of the -INT_MIN value (bnc#1089608).
- CVE-2018-7757: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c allowed local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file (bnc#1084536 1087209).
- CVE-2017-13220: An elevation of privilege vulnerability in the Upstream kernel bluez was fixed. (bnc#1076537).
- CVE-2017-11089: A buffer overread was observed in nl80211_set_station when user space application sends attribute NL80211_ATTR_LOCAL_MESH_POWER_MODE with data of size less than 4 bytes (bnc#1088261).
- CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem allowed attackers to gain privileges via unspecified vectors (bnc#1088260).
- CVE-2018-8822: Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c could be exploited by malicious NCPFS servers to crash the kernel or execute code (bnc#1086162).
- CVE-2017-18203: The dm_get_from_kobject function in drivers/md/dm.c allow local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices (bnc#1083242).
The following non-security bugs were fixed:
- Integrate fixes resulting from bsc#1088147 More info in the respective commit messages.
- KABI: x86/kaiser: properly align trampoline stack (bsc#1087260).
- kGraft: fix small race in reversion code (bsc#1083125).
- kabi/severities: Ignore kgr_shadow_* kABI changes
- kvm/x86: fix icebp instruction handling (bsc#1087088).
- livepatch: Allow to call a custom callback when freeing shadow variables (bsc#1082299 fate#313296).
- livepatch: Initialize shadow variables safely by a custom callback (bsc#1082299 fate#313296).
- x86/entry/64: Do not use IST entry for #BP stack (bsc#1087088).
- x86/kaiser: properly align trampoline stack (bsc#1087260).
- x86/retpoline: do not perform thunk calls in ring3 vsyscall code (bsc#1085331).
Patchnames
SUSE-SLE-Module-Public-Cloud-12-2018-844,SUSE-SLE-SERVER-12-2018-844
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\n\nThe SUSE Linux Enterprise 12 GA LTSS kernel was updated to receive various security and bugfixes.\n\nThe following security bugs were fixed:\n\n- CVE-2018-1087: And an unprivileged KVM guest user could use this flaw to potentially escalate their privileges inside a guest. (bsc#1087088)\n- CVE-2018-8897: An unprivileged system user could use incorrect set up interrupt stacks to crash the Linux kernel resulting in DoS issue. (bsc#1087088)\n- CVE-2018-8781: The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c had an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space (bnc#1090643).\n- CVE-2018-10124: The kill_something_info function in kernel/signal.c might allow local users to cause a denial of service via an INT_MIN argument (bnc#1089752).\n- CVE-2018-10087: The kernel_wait4 function in kernel/exit.c might allow local users to cause a denial of service by triggering an attempted use of the -INT_MIN value (bnc#1089608).\n- CVE-2018-7757: Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c allowed local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file (bnc#1084536 1087209).\n- CVE-2017-13220: An elevation of privilege vulnerability in the Upstream kernel bluez was fixed. (bnc#1076537).\n- CVE-2017-11089: A buffer overread was observed in nl80211_set_station when user space application sends attribute NL80211_ATTR_LOCAL_MESH_POWER_MODE with data of size less than 4 bytes (bnc#1088261).\n- CVE-2017-0861: Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem allowed attackers to gain privileges via unspecified vectors (bnc#1088260).\n- CVE-2018-8822: Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c could be exploited by malicious NCPFS servers to crash the kernel or execute code (bnc#1086162).\n- CVE-2017-18203: The dm_get_from_kobject function in drivers/md/dm.c allow local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices (bnc#1083242).\n\nThe following non-security bugs were fixed:\n\n- Integrate fixes resulting from bsc#1088147 More info in the respective commit messages.\n- KABI: x86/kaiser: properly align trampoline stack (bsc#1087260).\n- kGraft: fix small race in reversion code (bsc#1083125).\n- kabi/severities: Ignore kgr_shadow_* kABI changes\n- kvm/x86: fix icebp instruction handling (bsc#1087088).\n- livepatch: Allow to call a custom callback when freeing shadow variables (bsc#1082299 fate#313296).\n- livepatch: Initialize shadow variables safely by a custom callback (bsc#1082299 fate#313296).\n- x86/entry/64: Do not use IST entry for #BP stack (bsc#1087088).\n- x86/kaiser: properly align trampoline stack (bsc#1087260).\n- x86/retpoline: do not perform thunk calls in ring3 vsyscall code (bsc#1085331).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Module-Public-Cloud-12-2018-844,SUSE-SLE-SERVER-12-2018-844",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2018_1221-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2018:1221-1",
"url": "https://www.suse.com/support/update/announcement/2018/suse-su-20181221-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2018:1221-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2018-May/003998.html"
},
{
"category": "self",
"summary": "SUSE Bug 1076537",
"url": "https://bugzilla.suse.com/1076537"
},
{
"category": "self",
"summary": "SUSE Bug 1082299",
"url": "https://bugzilla.suse.com/1082299"
},
{
"category": "self",
"summary": "SUSE Bug 1083125",
"url": "https://bugzilla.suse.com/1083125"
},
{
"category": "self",
"summary": "SUSE Bug 1083242",
"url": "https://bugzilla.suse.com/1083242"
},
{
"category": "self",
"summary": "SUSE Bug 1084536",
"url": "https://bugzilla.suse.com/1084536"
},
{
"category": "self",
"summary": "SUSE Bug 1085331",
"url": "https://bugzilla.suse.com/1085331"
},
{
"category": "self",
"summary": "SUSE Bug 1086162",
"url": "https://bugzilla.suse.com/1086162"
},
{
"category": "self",
"summary": "SUSE Bug 1087088",
"url": "https://bugzilla.suse.com/1087088"
},
{
"category": "self",
"summary": "SUSE Bug 1087209",
"url": "https://bugzilla.suse.com/1087209"
},
{
"category": "self",
"summary": "SUSE Bug 1087260",
"url": "https://bugzilla.suse.com/1087260"
},
{
"category": "self",
"summary": "SUSE Bug 1088147",
"url": "https://bugzilla.suse.com/1088147"
},
{
"category": "self",
"summary": "SUSE Bug 1088260",
"url": "https://bugzilla.suse.com/1088260"
},
{
"category": "self",
"summary": "SUSE Bug 1088261",
"url": "https://bugzilla.suse.com/1088261"
},
{
"category": "self",
"summary": "SUSE Bug 1089608",
"url": "https://bugzilla.suse.com/1089608"
},
{
"category": "self",
"summary": "SUSE Bug 1089752",
"url": "https://bugzilla.suse.com/1089752"
},
{
"category": "self",
"summary": "SUSE Bug 1090643",
"url": "https://bugzilla.suse.com/1090643"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-0861 page",
"url": "https://www.suse.com/security/cve/CVE-2017-0861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-11089 page",
"url": "https://www.suse.com/security/cve/CVE-2017-11089/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-13220 page",
"url": "https://www.suse.com/security/cve/CVE-2017-13220/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-18203 page",
"url": "https://www.suse.com/security/cve/CVE-2017-18203/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10087 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10087/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10124 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10124/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-1087 page",
"url": "https://www.suse.com/security/cve/CVE-2018-1087/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-7757 page",
"url": "https://www.suse.com/security/cve/CVE-2018-7757/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-8781 page",
"url": "https://www.suse.com/security/cve/CVE-2018-8781/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-8822 page",
"url": "https://www.suse.com/security/cve/CVE-2018-8822/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-8897 page",
"url": "https://www.suse.com/security/cve/CVE-2018-8897/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2018-05-11T15:16:24Z",
"generator": {
"date": "2018-05-11T15:16:24Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2018:1221-1",
"initial_release_date": "2018-05-11T15:16:24Z",
"revision_history": [
{
"date": "2018-05-11T15:16:24Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-3.12.61-52.128.1.noarch",
"product": {
"name": "kernel-devel-3.12.61-52.128.1.noarch",
"product_id": "kernel-devel-3.12.61-52.128.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-3.12.61-52.128.1.noarch",
"product": {
"name": "kernel-macros-3.12.61-52.128.1.noarch",
"product_id": "kernel-macros-3.12.61-52.128.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-3.12.61-52.128.1.noarch",
"product": {
"name": "kernel-source-3.12.61-52.128.1.noarch",
"product_id": "kernel-source-3.12.61-52.128.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.12.61-52.128.1.ppc64le",
"product": {
"name": "kernel-default-3.12.61-52.128.1.ppc64le",
"product_id": "kernel-default-3.12.61-52.128.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.61-52.128.1.ppc64le",
"product": {
"name": "kernel-default-base-3.12.61-52.128.1.ppc64le",
"product_id": "kernel-default-base-3.12.61-52.128.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.61-52.128.1.ppc64le",
"product": {
"name": "kernel-default-devel-3.12.61-52.128.1.ppc64le",
"product_id": "kernel-default-devel-3.12.61-52.128.1.ppc64le"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.61-52.128.1.ppc64le",
"product": {
"name": "kernel-syms-3.12.61-52.128.1.ppc64le",
"product_id": "kernel-syms-3.12.61-52.128.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-3.12.61-52.128.1.s390x",
"product": {
"name": "kernel-default-3.12.61-52.128.1.s390x",
"product_id": "kernel-default-3.12.61-52.128.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.61-52.128.1.s390x",
"product": {
"name": "kernel-default-base-3.12.61-52.128.1.s390x",
"product_id": "kernel-default-base-3.12.61-52.128.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.61-52.128.1.s390x",
"product": {
"name": "kernel-default-devel-3.12.61-52.128.1.s390x",
"product_id": "kernel-default-devel-3.12.61-52.128.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-man-3.12.61-52.128.1.s390x",
"product": {
"name": "kernel-default-man-3.12.61-52.128.1.s390x",
"product_id": "kernel-default-man-3.12.61-52.128.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.61-52.128.1.s390x",
"product": {
"name": "kernel-syms-3.12.61-52.128.1.s390x",
"product_id": "kernel-syms-3.12.61-52.128.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-ec2-3.12.61-52.128.1.x86_64",
"product": {
"name": "kernel-ec2-3.12.61-52.128.1.x86_64",
"product_id": "kernel-ec2-3.12.61-52.128.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"product": {
"name": "kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"product_id": "kernel-ec2-devel-3.12.61-52.128.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"product": {
"name": "kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"product_id": "kernel-ec2-extra-3.12.61-52.128.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-3.12.61-52.128.1.x86_64",
"product": {
"name": "kernel-default-3.12.61-52.128.1.x86_64",
"product_id": "kernel-default-3.12.61-52.128.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-3.12.61-52.128.1.x86_64",
"product": {
"name": "kernel-default-base-3.12.61-52.128.1.x86_64",
"product_id": "kernel-default-base-3.12.61-52.128.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-devel-3.12.61-52.128.1.x86_64",
"product": {
"name": "kernel-default-devel-3.12.61-52.128.1.x86_64",
"product_id": "kernel-default-devel-3.12.61-52.128.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-syms-3.12.61-52.128.1.x86_64",
"product": {
"name": "kernel-syms-3.12.61-52.128.1.x86_64",
"product_id": "kernel-syms-3.12.61-52.128.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-3.12.61-52.128.1.x86_64",
"product": {
"name": "kernel-xen-3.12.61-52.128.1.x86_64",
"product_id": "kernel-xen-3.12.61-52.128.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-base-3.12.61-52.128.1.x86_64",
"product": {
"name": "kernel-xen-base-3.12.61-52.128.1.x86_64",
"product_id": "kernel-xen-base-3.12.61-52.128.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-xen-devel-3.12.61-52.128.1.x86_64",
"product": {
"name": "kernel-xen-devel-3.12.61-52.128.1.x86_64",
"product_id": "kernel-xen-devel-3.12.61-52.128.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"product_id": "kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64",
"product": {
"name": "kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64",
"product_id": "kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product": {
"name": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-public-cloud:12"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-3.12.61-52.128.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64"
},
"product_reference": "kernel-ec2-3.12.61-52.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-devel-3.12.61-52.128.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64"
},
"product_reference": "kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ec2-extra-3.12.61-52.128.1.x86_64 as component of SUSE Linux Enterprise Module for Public Cloud 12",
"product_id": "SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64"
},
"product_reference": "kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Public Cloud 12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.61-52.128.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le"
},
"product_reference": "kernel-default-3.12.61-52.128.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.61-52.128.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x"
},
"product_reference": "kernel-default-3.12.61-52.128.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-3.12.61-52.128.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64"
},
"product_reference": "kernel-default-3.12.61-52.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.61-52.128.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le"
},
"product_reference": "kernel-default-base-3.12.61-52.128.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.61-52.128.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x"
},
"product_reference": "kernel-default-base-3.12.61-52.128.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-3.12.61-52.128.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64"
},
"product_reference": "kernel-default-base-3.12.61-52.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.61-52.128.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le"
},
"product_reference": "kernel-default-devel-3.12.61-52.128.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.61-52.128.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x"
},
"product_reference": "kernel-default-devel-3.12.61-52.128.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-devel-3.12.61-52.128.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64"
},
"product_reference": "kernel-default-devel-3.12.61-52.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-man-3.12.61-52.128.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x"
},
"product_reference": "kernel-default-man-3.12.61-52.128.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-3.12.61-52.128.1.noarch as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch"
},
"product_reference": "kernel-devel-3.12.61-52.128.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-3.12.61-52.128.1.noarch as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch"
},
"product_reference": "kernel-macros-3.12.61-52.128.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-3.12.61-52.128.1.noarch as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch"
},
"product_reference": "kernel-source-3.12.61-52.128.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.61-52.128.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le"
},
"product_reference": "kernel-syms-3.12.61-52.128.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.61-52.128.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x"
},
"product_reference": "kernel-syms-3.12.61-52.128.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-syms-3.12.61-52.128.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64"
},
"product_reference": "kernel-syms-3.12.61-52.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-3.12.61-52.128.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64"
},
"product_reference": "kernel-xen-3.12.61-52.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-base-3.12.61-52.128.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64"
},
"product_reference": "kernel-xen-base-3.12.61-52.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-xen-devel-3.12.61-52.128.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64"
},
"product_reference": "kernel-xen-devel-3.12.61-52.128.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
},
"product_reference": "kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-0861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-0861"
}
],
"notes": [
{
"category": "general",
"text": "Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via unspecified vectors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-0861",
"url": "https://www.suse.com/security/cve/CVE-2017-0861"
},
{
"category": "external",
"summary": "SUSE Bug 1088260 for CVE-2017-0861",
"url": "https://bugzilla.suse.com/1088260"
},
{
"category": "external",
"summary": "SUSE Bug 1088268 for CVE-2017-0861",
"url": "https://bugzilla.suse.com/1088268"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-0861",
"url": "https://bugzilla.suse.com/1091815"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2017-0861",
"url": "https://bugzilla.suse.com/1115893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-11T15:16:24Z",
"details": "moderate"
}
],
"title": "CVE-2017-0861"
},
{
"cve": "CVE-2017-11089",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-11089"
}
],
"notes": [
{
"category": "general",
"text": "In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211_set_station when user space application sends attribute NL80211_ATTR_LOCAL_MESH_POWER_MODE with data of size less than 4 bytes",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-11089",
"url": "https://www.suse.com/security/cve/CVE-2017-11089"
},
{
"category": "external",
"summary": "SUSE Bug 1088261 for CVE-2017-11089",
"url": "https://bugzilla.suse.com/1088261"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-11T15:16:24Z",
"details": "moderate"
}
],
"title": "CVE-2017-11089"
},
{
"cve": "CVE-2017-13220",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-13220"
}
],
"notes": [
{
"category": "general",
"text": "An elevation of privilege vulnerability in the Upstream kernel bluez. Product: Android. Versions: Android kernel. Android ID: A-63527053.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-13220",
"url": "https://www.suse.com/security/cve/CVE-2017-13220"
},
{
"category": "external",
"summary": "SUSE Bug 1076537 for CVE-2017-13220",
"url": "https://bugzilla.suse.com/1076537"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-11T15:16:24Z",
"details": "moderate"
}
],
"title": "CVE-2017-13220"
},
{
"cve": "CVE-2017-18203",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-18203"
}
],
"notes": [
{
"category": "general",
"text": "The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernel before 4.14.3 allow local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-18203",
"url": "https://www.suse.com/security/cve/CVE-2017-18203"
},
{
"category": "external",
"summary": "SUSE Bug 1083242 for CVE-2017-18203",
"url": "https://bugzilla.suse.com/1083242"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2017-18203",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-11T15:16:24Z",
"details": "moderate"
}
],
"title": "CVE-2017-18203"
},
{
"cve": "CVE-2018-10087",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10087"
}
],
"notes": [
{
"category": "general",
"text": "The kernel_wait4 function in kernel/exit.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service by triggering an attempted use of the -INT_MIN value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10087",
"url": "https://www.suse.com/security/cve/CVE-2018-10087"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-10087",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1089608 for CVE-2018-10087",
"url": "https://bugzilla.suse.com/1089608"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2018-10087",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-11T15:16:24Z",
"details": "low"
}
],
"title": "CVE-2018-10087"
},
{
"cve": "CVE-2018-10124",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10124"
}
],
"notes": [
{
"category": "general",
"text": "The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service via an INT_MIN argument.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10124",
"url": "https://www.suse.com/security/cve/CVE-2018-10124"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-10124",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1089752 for CVE-2018-10124",
"url": "https://bugzilla.suse.com/1089752"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2018-10124",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-11T15:16:24Z",
"details": "moderate"
}
],
"title": "CVE-2018-10124"
},
{
"cve": "CVE-2018-1087",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-1087"
}
],
"notes": [
{
"category": "general",
"text": "kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel\u0027s KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged KVM guest user could use this flaw to crash the guest or, potentially, escalate their privileges in the guest.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-1087",
"url": "https://www.suse.com/security/cve/CVE-2018-1087"
},
{
"category": "external",
"summary": "SUSE Bug 1087088 for CVE-2018-1087",
"url": "https://bugzilla.suse.com/1087088"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-11T15:16:24Z",
"details": "important"
}
],
"title": "CVE-2018-1087"
},
{
"cve": "CVE-2018-7757",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-7757"
}
],
"notes": [
{
"category": "general",
"text": "Memory leak in the sas_smp_get_phy_events function in drivers/scsi/libsas/sas_expander.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (memory consumption) via many read accesses to files in the /sys/class/sas_phy directory, as demonstrated by the /sys/class/sas_phy/phy-1:0:12/invalid_dword_count file.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-7757",
"url": "https://www.suse.com/security/cve/CVE-2018-7757"
},
{
"category": "external",
"summary": "SUSE Bug 1084536 for CVE-2018-7757",
"url": "https://bugzilla.suse.com/1084536"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-7757",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1087209 for CVE-2018-7757",
"url": "https://bugzilla.suse.com/1087209"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2018-7757",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-11T15:16:24Z",
"details": "moderate"
}
],
"title": "CVE-2018-7757"
},
{
"cve": "CVE-2018-8781",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-8781"
}
],
"notes": [
{
"category": "general",
"text": "The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-8781",
"url": "https://www.suse.com/security/cve/CVE-2018-8781"
},
{
"category": "external",
"summary": "SUSE Bug 1087082 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1087082"
},
{
"category": "external",
"summary": "SUSE Bug 1090643 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1090643"
},
{
"category": "external",
"summary": "SUSE Bug 1090646 for CVE-2018-8781",
"url": "https://bugzilla.suse.com/1090646"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-11T15:16:24Z",
"details": "important"
}
],
"title": "CVE-2018-8781"
},
{
"cve": "CVE-2018-8822",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-8822"
}
],
"notes": [
{
"category": "general",
"text": "Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel through 4.15.11, and in drivers/staging/ncpfs/ncplib_kernel.c in the Linux kernel 4.16-rc through 4.16-rc6, could be exploited by malicious NCPFS servers to crash the kernel or execute code.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-8822",
"url": "https://www.suse.com/security/cve/CVE-2018-8822"
},
{
"category": "external",
"summary": "SUSE Bug 1086162 for CVE-2018-8822",
"url": "https://bugzilla.suse.com/1086162"
},
{
"category": "external",
"summary": "SUSE Bug 1090404 for CVE-2018-8822",
"url": "https://bugzilla.suse.com/1090404"
},
{
"category": "external",
"summary": "SUSE Bug 1091815 for CVE-2018-8822",
"url": "https://bugzilla.suse.com/1091815"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-11T15:16:24Z",
"details": "moderate"
}
],
"title": "CVE-2018-8822"
},
{
"cve": "CVE-2018-8897",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-8897"
}
],
"notes": [
{
"category": "general",
"text": "A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer\u0027s Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL \u003c 3, the debug exception is delivered after the transfer to CPL \u003c 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-8897",
"url": "https://www.suse.com/security/cve/CVE-2018-8897"
},
{
"category": "external",
"summary": "SUSE Bug 1087078 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1087078"
},
{
"category": "external",
"summary": "SUSE Bug 1087088 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1087088"
},
{
"category": "external",
"summary": "SUSE Bug 1090368 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1090368"
},
{
"category": "external",
"summary": "SUSE Bug 1090820 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1090820"
},
{
"category": "external",
"summary": "SUSE Bug 1090869 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1090869"
},
{
"category": "external",
"summary": "SUSE Bug 1092497 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1092497"
},
{
"category": "external",
"summary": "SUSE Bug 1093522 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1093522"
},
{
"category": "external",
"summary": "SUSE Bug 1093524 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1093524"
},
{
"category": "external",
"summary": "SUSE Bug 1098813 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1098813"
},
{
"category": "external",
"summary": "SUSE Bug 1100835 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1100835"
},
{
"category": "external",
"summary": "SUSE Bug 1115893 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1115893"
},
{
"category": "external",
"summary": "SUSE Bug 1178658 for CVE-2018-8897",
"url": "https://bugzilla.suse.com/1178658"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Module for Public Cloud 12:kernel-ec2-extra-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-default-man-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-devel-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-macros-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-source-3.12.61-52.128.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:kernel-syms-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-base-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kernel-xen-devel-3.12.61-52.128.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-default-1-1.3.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:kgraft-patch-3_12_61-52_128-xen-1-1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2018-05-11T15:16:24Z",
"details": "important"
}
],
"title": "CVE-2018-8897"
}
]
}
FKIE_CVE-2017-11089
Vulnerability from fkie_nvd - Published: 2017-11-16 22:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211_set_station when user space application sends attribute NL80211_ATTR_LOCAL_MESH_POWER_MODE with data of size less than 4 bytes
References
| URL | Tags | ||
|---|---|---|---|
| product-security@qualcomm.com | https://source.android.com/security/bulletin/pixel/2017-11-01 | Patch, Vendor Advisory | |
| product-security@qualcomm.com | https://usn.ubuntu.com/3620-1/ | ||
| product-security@qualcomm.com | https://usn.ubuntu.com/3620-2/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://source.android.com/security/bulletin/pixel/2017-11-01 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3620-1/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://usn.ubuntu.com/3620-2/ |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211_set_station when user space application sends attribute NL80211_ATTR_LOCAL_MESH_POWER_MODE with data of size less than 4 bytes"
},
{
"lang": "es",
"value": "En Android for MSM, Firefox OS for MSM, QRD Android, con todas las distribuciones de Android de CAF que utilizan el kernel de Linux, se observa una sobrelectura de b\u00fafer en nl80211_set_station cuando la aplicaci\u00f3n del espacio de usuario env\u00eda el atributo NL80211_ATTR_LOCAL_MESH_POWER_MODE con datos de un tama\u00f1o inferior a 4 bytes."
}
],
"id": "CVE-2017-11089",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-11-16T22:29:01.190",
"references": [
{
"source": "product-security@qualcomm.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://source.android.com/security/bulletin/pixel/2017-11-01"
},
{
"source": "product-security@qualcomm.com",
"url": "https://usn.ubuntu.com/3620-1/"
},
{
"source": "product-security@qualcomm.com",
"url": "https://usn.ubuntu.com/3620-2/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://source.android.com/security/bulletin/pixel/2017-11-01"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3620-1/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://usn.ubuntu.com/3620-2/"
}
],
"sourceIdentifier": "product-security@qualcomm.com",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GSD-2017-11089
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211_set_station when user space application sends attribute NL80211_ATTR_LOCAL_MESH_POWER_MODE with data of size less than 4 bytes
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-11089",
"description": "In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211_set_station when user space application sends attribute NL80211_ATTR_LOCAL_MESH_POWER_MODE with data of size less than 4 bytes",
"id": "GSD-2017-11089",
"references": [
"https://www.suse.com/security/cve/CVE-2017-11089.html",
"https://ubuntu.com/security/CVE-2017-11089"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-11089"
],
"details": "In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211_set_station when user space application sends attribute NL80211_ATTR_LOCAL_MESH_POWER_MODE with data of size less than 4 bytes",
"id": "GSD-2017-11089",
"modified": "2023-12-13T01:21:15.869862Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "product-security@qualcomm.com",
"DATE_PUBLIC": "2017-11-01T00:00:00",
"ID": "CVE-2017-11089",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Android for MSM, Firefox OS for MSM, QRD Android",
"version": {
"version_data": [
{
"version_value": "All Android releases from CAF using the Linux kernel"
}
]
}
}
]
},
"vendor_name": "Qualcomm, Inc."
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211_set_station when user space application sends attribute NL80211_ATTR_LOCAL_MESH_POWER_MODE with data of size less than 4 bytes"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Over-read in WLAN"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "USN-3620-2",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3620-2/"
},
{
"name": "https://source.android.com/security/bulletin/pixel/2017-11-01",
"refsource": "CONFIRM",
"url": "https://source.android.com/security/bulletin/pixel/2017-11-01"
},
{
"name": "USN-3620-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/3620-1/"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security.cna@qualcomm.com",
"ID": "CVE-2017-11089"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl80211_set_station when user space application sends attribute NL80211_ATTR_LOCAL_MESH_POWER_MODE with data of size less than 4 bytes"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://source.android.com/security/bulletin/pixel/2017-11-01",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://source.android.com/security/bulletin/pixel/2017-11-01"
},
{
"name": "USN-3620-2",
"refsource": "UBUNTU",
"tags": [],
"url": "https://usn.ubuntu.com/3620-2/"
},
{
"name": "USN-3620-1",
"refsource": "UBUNTU",
"tags": [],
"url": "https://usn.ubuntu.com/3620-1/"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6
}
},
"lastModifiedDate": "2019-10-03T00:03Z",
"publishedDate": "2017-11-16T22:29Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…